Checkmarx Joins Forces with ZAP to Supercharge Dynamic Application Security Testing (DAST) for the Enterprise and Enhance Community Growth

ZAP project leaders Simon Bennetts, Rick Mitchell and Ricardo Pereira will join Checkmarx as employees

PARAMUS, N.J.--()--Checkmarx, the industry leader in cloud-native application security, has expanded its support for open source solutions with the most widely used DAST tool in the world, the Zed Attack Proxy (ZAP). ZAP project leaders Simon Bennetts, Rick Mitchell and Ricardo Pereira will join Checkmarx as employees to build the next generation of Checkmarx’ enterprise-grade DAST offering while continuing to invest in the open source project and grow the ZAP community. ZAP has performed over 353,724,090 scans and has delivered more than 30,058,294,650 alerts since December 2021.

“I’m excited to welcome Simon, Rick and Ricardo to Checkmarx, where together we’ll fuel constant innovation for both ZAP and Checkmarx DAST,” said Ori Bendet, VP of Product Management at Checkmarx. “DAST is a core application security (AppSec) capability and the demand remains high across our customer base. With the team joining we’ll be able to drive even greater success for the ZAP and Checkmarx communities.”

Checkmarx’ new collaboration with ZAP leaders is yet another demonstration of the company’s commitment to driving value for developers by partnering with the open source community. For the past several years, Checkmarx has delivered successful open source projects with millions of active users and downloads, including KICS, 2MS, CxFlow, Vorpal, ImageX and many others. The addition of ZAP to the Checkmarx portfolio exemplifies the company’s strong commitment to the open source community and to providing enterprise development and security teams with the most comprehensive AppSec coverage available anywhere.

ZAP community members will benefit from:

  • Checkmarx’ extensive commitment to open source and the community, as evidenced by its various open source tools maintained by the company. ZAP project founders and Checkmarx open source experts will together help maintain and enhance ZAP.
  • The open source expertise of the Checkmarx research team, particularly in the areas of fidelity and finely-tuned engine accuracy. Working collaboratively with the ZAP core team will lead to more robust and reliable features.
  • Valuable insights from Checkmarx’ large and active enterprise customer base to help guide the future development of ZAP, ensuring that it meets real-world needs more effectively.
  • A wealth of resources to develop high-priority features requested by the community.

Checkmarx customers will gain:

  • Enhanced engine development, ensuring that customers benefit from the most secure, optimized and up-to-date solutions. The combined team will expand and enhance ZAP with innovative new features so that it can be leveraged both alone and within Checkmarx DAST, an integral solution within the Checkmarx One platform.
  • Expanded integration into the Checkmarx One platform, including enhanced correlation, an easier user experience and a more seamless developer experience.
  • Innovative new features made possible by the combination of the Checkmarx development team with ZAP’s core team, which contributed to nearly every part of the codebase and brings unmatched expertise to drive faster and more accurate enhancements.
  • Direct access to expertise from both Checkmarx experts and the ZAP core team.
  • Continuous improvement of the engine’s accuracy based on Checkmarx research and the integration of Checkmarx customer insights.

“Checkmarx is the leading enterprise application security platform and the pioneer in application security. We’re excited to be joining Checkmarx and to finally have a home for ZAP,” said Simon Bennetts, ZAP founder and project leader. “It’s a win for the open source community, for application security professionals and for Checkmarx customers.”

For more information about Checkmarx DAST, visit this page. To visit the ZAP community, follow this link.

About Checkmarx

Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services balance the dynamic needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, including 40 percent of all Fortune 100 companies.

About ZAP

The Zed Attack Proxy (ZAP) is the most widely used web application scanner and a GitHub 1000 project. With millions of monthly scans, ZAP has created and maintains one of the most active communities in the world of open source.

Follow Checkmarx on LinkedIn, YouTube and X. Follow ZAP on X.

Contacts

Media Contact
Katie Brookes
Merritt Group for Checkmarx
brookes@merrittgrp.com

Contacts

Media Contact
Katie Brookes
Merritt Group for Checkmarx
brookes@merrittgrp.com