Checkmarx

Last updated
Checkmarx
Company typePrivate
Industry Software Security, Application security
Founded2006
FounderMaty Siman (CTO), Emmanuel Benzaquen (Former CEO)
HeadquartersAtlanta, Georgia, US
Key people
 Sandeep Johri (CEO)
Website checkmarx.com

Checkmarx is an enterprise application security company headquartered in Atlanta, Georgia in the United States. [1]

Contents

History

Checkmarx was founded in 2006 by Maty Siman, the company's CTO, and Emmanuel Benzaquen, former CEO (2006 – 2023), and has over 900 employees. [2] [1] Sandeep Johri has been serving as the CEO since February of 2023. The application security platform was designed for CISOs, AppSec managers, security advisors, and software developers.

On July 17, 2017, Checkmarx acquired Codebashing and started offering it as a service to help developers learn secure coding practices with gamified modules in their chosen programming language. [3] In 2018, it also acquired Custodela, a company that provides software security program development as well as consulting services. [4] [5]

Checkmarx was acquired in April 2020 by Hellman & Friedman, a private equity firm with headquarters in San Francisco.

In August 2021, Checkmarx acquired Dustico, a software that detects backdoors and malicious attacks in the software supply chain. [6]

In 2021, the company launched Checkmarx One, a cloud-native Enterprise Application Security platform, which became its most known product. It offers enterprises a full suite of application security testing tools to enable DevSecOps, including static application security testing (SAST), dynamic application security testing (DAST), Software Composition Analysis (SCA), supply chain security (SCS), API security, container security, infrastructure as code security (KICS), [7] as well as CheckMarx Codebashing. [1] [8]

Application Security Research

Checkmarx's research department is known for uncovering technical vulnerabilities in popular technologies, software, applications, and IoT devices. [2]

In November 2019, the company's security research team uncovered a number of vulnerabilities affecting Google and Samsung smartphones. The vulnerabilities allowed an attacker to take remote control of smartphone apps, giving them the ability to take photos, record video and conversations, and identify the phone's location. The research team submitted a report to the Android security team at Google and continued to provide feedback as the vulnerabilities were addressed. [9] [10]

In January 2020, Checkmarx detailed multiple security vulnerabilities with the Trifo Ironpie robot vacuum. [11] The company has also uncovered issues with Amazon Alexa, [12] [13] Meetup, [14] and Tinder, [15] [16] among others.

In August 2022, Checkmarx researchers found vulnerabilities in the Ring Android app, which could have allowed malicious applications to be installed on the user's phone to expose personal data, geolocation, and camera recordings. [17]

Funding

Checkmarx's early investors include Salesforce, which remains a partner as Checkmarx provides security reviews for the Salesforce AppExchange. [18] [19] [20] In 2015, U.S. private equity and venture capital firm Insight Partners acquired Checkmarx for $84 million. [20] [1] [2]

In April 2020, private equity firm Hellman & Friedman, alongside private investment firm TPG, [21] acquired Checkmarx for $1.15 billion. [1] [2] [22] After the acquisition, Insight Partners retained a minority interest in the company. [1] [23]

See also

Related Research Articles

<span class="mw-page-title-main">Trend Micro</span> Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, & cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

<span class="mw-page-title-main">Avast</span> Czech security software company

Avast Software s.r.o. is a Czech multinational cybersecurity software company headquartered in Prague, Czech Republic, that researches and develops computer security software, machine learning, and artificial intelligence. Avast has more than 435 million monthly active users and the second largest market share among anti-malware application vendors worldwide as of April 2020. The company has approximately 1,700 employees across its 25 offices worldwide. In July 2021, NortonLifeLock, an American cybersecurity company, announced that it was in talks to merge with Avast Software. In August 2021, Avast's board of directors agreed to an offer of US$8 billion.

<span class="mw-page-title-main">Salesforce</span> American software company

Salesforce, Inc. is an American cloud-based software company headquartered in San Francisco, California. It provides customer relationship management (CRM) software and applications focused on sales, customer service, marketing automation, e-commerce, analytics, and application development.

<span class="mw-page-title-main">Insight Partners</span> American investment manager

Insight Partners is a global venture capital and private equity firm that invests in high-growth technology, software, and Internet businesses. The company is headquartered in New York City, with offices in London, Tel Aviv, and Palo Alto.

<span class="mw-page-title-main">Malwarebytes</span> Internet security company

Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.

Veracode is an application security company based in Burlington, Massachusetts. Founded in 2006, it provides SaaS application security that integrates application analysis into development pipelines.

Waze Mobile Ltd, doing business as Waze, formerly FreeMap Israel, is a subsidiary company of Google that provides satellite navigation software on smartphones and other computers that support the Global Positioning System (GPS). In addition to turn-by-turn navigation, it incorporates user-submitted travel times and route details while downloading location-dependent information over a cellular network. Waze describes its application as a community-driven initiative that is free to download and use.

Avira Operations GmbH & Co. KG is a German multinational computer security software company mainly known for its Avira Free Security antivirus software. Although founded in 2006, the Avira antivirus application has been under active development since 1986 through its predecessor company H+BEDV Datentechnik GmbH. Since 2021, Avira has been owned by American software company NortonLifeLock, which also operates Norton, Avast and AVG. It was previously owned by investment firm Investcorp.

New Relic, Inc. is an American web tracking and analytics company based in San Francisco. The company's cloud-based software allows websites and mobile apps to track user interactions and service operators' software and hardware performance.

MuleSoft, LLC. is a software company headquartered in San Francisco, California, that provides integration software for connecting applications, data and devices, founded in 2006. The company's Anypoint Platform of integration products is designed to integrate software as a service (SaaS), on-premises software, legacy systems and other platforms.

Zimperium, Inc. is a privately owned mobile security company based in the United States and headquartered in Dallas, Texas. Zimperium provides a mobile security platform purpose-built for enterprise environments.

<span class="mw-page-title-main">Dynatrace</span> American technology company

Dynatrace, Inc. is a global technology company that provides a software observability platform based on artificial intelligence (AI) and automation. Dynatrace technologies are used to monitor, analyze, and optimize application performance, software development and security practices, IT infrastructure, and user experience for businesses and government agencies throughout the world.

Perforce Software, Inc. is an American developer of software used for developing and running applications, including version control software, web-based repository management, developer collaboration, application lifecycle management, web application servers, debugging tools, platform automation, and agile planning software.

<span class="mw-page-title-main">Tricentis</span> Austrian software testing company

Tricentis is a software testing company founded in 2007 and headquartered in Austin, Texas. It provides software testing automation and software quality assurance products for enterprise software.

<span class="mw-page-title-main">Gili Raanan</span> Israeli inventor

Gili Raanan is an Israeli venture capitalist and one of the inventors of CAPTCHA, the WAF and many other inventions in the fields of Cybersecurity. Raanan started Sanctum in 1997, and rolled out the first Web application firewall AppShield and the first Web application penetration testing software AppScan. He later started NLayers which was acquired by EMC Corporation where he worked on the science of Application discovery and understanding. He was an investor and a General Partner at Sequoia Capital, the Founder of Cyberstarts, and is the first investor and board member at Wiz (company), Adallom, Armis Security, Onavo, Moovit, and Innovid (NYSE:CTV).

OneSpan Inc. is a publicly traded cybersecurity technology company based in Boston, Massachusetts, with offices in Montreal, Brussels and Zurich. The company offers a cloud-based and open-architected anti-fraud platform and is historically known for its multi-factor authentication and electronic signature software.

<span class="mw-page-title-main">Luma Home</span> American Wi-Fi hardware company

Luma was a Wi-Fi solutions company based in Atlanta, Georgia The company sells Wi-Fi routers using mesh networking to project a consistent Wi-Fi signal throughout private homes as well as a corresponding mobile app for added layers of security and parental controls.

AppSheet is an application that provides a no-code development platform for application software, which allows users to create mobile, tablet, and web applications using data sources like Google Drive, DropBox, Office 365, and other cloud-based spreadsheet and database platforms. The platform can be utilized for a broad set of business use cases including project management, customer relationship management, field inspections, and personalized reporting.

<span class="mw-page-title-main">Appery.io</span> App-building platform

Appery.io is a cloud-based HTML5, Ionic, jQuery Mobile, and hybrid app-building platform for developing mobile apps, web apps, and PWAs. Appery.io is a browser-based drag-and-drop visual builder tool that supports Android and iOS with integrated Apache Cordova/PhoneGap output. The platform is used by DIYers to create apps for their customers.

Snyk is a cybersecurity company specializing in cloud computing. It was founded in 2015 out of London and Tel Aviv with headquarters in Boston.

References

  1. 1 2 3 4 5 6 "Hellman & Friedman Acquires Checkmarx for $1.15B". Dark Reading. 16 March 2020. Retrieved 2024-05-06.
  2. 1 2 3 4 "Insight Partners sells security firm Checkmarx to Hellman & Friedman for $1.15B". TechCrunch. 16 March 2020. Retrieved 2020-09-01.
  3. Bridgwater, Adrian. "Playing Games To Learn Code, Checkmarx Acquires Codebashing". Forbes. Retrieved 2020-09-04.
  4. Wenkert, Amarelle (2018-11-08). "Cybersecurity Company Checkmarx Buys Ontario-based Custodela". CTECH - www.calcalistech.com. Retrieved 2020-09-09.
  5. "Checkmarx Acquires Custodela". Dark Reading. 8 November 2018. Retrieved 2020-09-09.
  6. "Checkmarx acquires open-source supply chain security startup Dustico". TechCrunch. 5 August 2021.
  7. "Checkmarx debuts new Keeping Infrastructure as Code Secure solution". SDTimes. 25 February 2021. Retrieved 2021-05-03.
  8. Columbus, Louis. "Why Security Needs To Be Integral To DevOps". Forbes. Retrieved 2020-09-01.
  9. Winder, Davey. "Google Confirms Android Camera Security Threat: 'Hundreds Of Millions' Of Users Affected". Forbes. Retrieved 2020-09-02.
  10. "Bugs From Big Tech Beg the Question: Should You Cover Your Smartphone Camera?". Fortune. Retrieved 2020-09-04.
  11. Hautala, Laura. "Hackers can peep through this smart vacuum's camera, research shows". CNET. Retrieved 2020-09-04.
  12. "Turning an Amazon Echo Into a Spy Device Only Took Some Clever Coding". Wired. Retrieved 2020-09-02.
  13. Ng, Alfred. "Amazon Alexa flaw would have let hackers listen in". CNET. Retrieved 2020-09-02.
  14. Winder, Davey. "Meetup Security Flaws Exposed 44 Million Members To Data Loss And Payment Threat". Forbes. Archived from the original on August 4, 2020. Retrieved 2020-09-04.
  15. "Tinder's Lack of Encryption Lets Strangers Spy on Your Swipes". Wired. Retrieved 2020-09-02.
  16. Murnane, Kevin. "Amazon's Alexa Hacked To Surreptitiously Record Everything It Hears". Forbes. Retrieved 2020-09-02.
  17. "Ring patched an Android bug that could have exposed video footage". arstechnica.com. KEVIN PURDY. 18 August 2022. Retrieved 18 August 2022.
  18. Scheer, Matt (2020-07-27). "Security Checks When Submitting Apps to the Salesforce ISV Team". crmscience. Retrieved 2020-11-13.
  19. "Checkmarx Raises Funding From Salesforce.com, Ofer Hi-Tech". TechCrunch. Retrieved 2020-09-04.[ permanent dead link ]
  20. 1 2 "Insight Venture Partners to buy Israeli co Checkmarx - Globes". en.globes.co.il (in Hebrew). 2015-06-17. Retrieved 2020-09-09.
  21. "In $1.15 Billion Deal, Hellman & Friedman Acquires DevOps Firm Checkmarx | Israel Defense". www.israeldefense.co.il. 17 April 2020. Retrieved 2020-10-21.
  22. "3 Israeli cybersecurity firms win Black Unicorn Awards". ISRAEL21c. 2019-08-22. Retrieved 2020-10-21.
  23. Novinson, Michael (2020-06-24). "The Biggest 10 Cybersecurity Acquisitions Of 2020 (So Far)". CRN. Retrieved 2020-09-04.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.