First product of JetBrains’ partnership with Checkmarx enables developers to easily scan uncompiled code to identify and resolve hundreds of potential security vulnerabilities within their familiar IntelliJ IDEA workspace
Checkmarx, a creator of developer-centric application security testing (AST) solutions, and JetBrains, the company that created an extended family of integrated development environments (IDE) for various programming languages, have announced their strategic partnership and the general availability of a native integration.
Checkmarx’ software composition analysis (SCA) solution has been integrated directly into the JetBrains IntelliJ IDEA Ultimate through a free plug-in to provide the Software Composition Analysis to IntelliJ IDEA Ultimate users. SCA provides developers with security information about open source packages included directly or indirectly in their code, empowering them to address security concerns during development instead of in production. The integration:
- Is a free, easy-to-use, frictionless and secure plug-in
- Helps developers build more secure code without impacting the development cycle
- Focuses on the inclusion of open-source code (direct and indirect) in application software stacks
“Over five million developers around the world use IntelliJ IDEA Ultimate to rapidly create and deliver the applications their organizations need,” said Checkmarx chief product officer Razi Sharir. “The inclusion of powerful application security testing within their familiar development environment minimizes friction with modern application development workflows. The integration also makes it easier to secure those applications before they are compiled, rather than waiting for deployment to identify vulnerabilities. Checkmarx is proud to partner with JetBrains to bring our two market-leading solutions together to create a big win for the developer community.”
Dmitry Jemerov, head of product for IntelliJ IDEA, said: “The Java ecosystem has recently experienced several major vulnerabilities affecting extremely broadly used frameworks, including Log4J and Spring. We’re glad we can provide our users with tools that can highlight the use of vulnerable dependencies in their projects and update to a secure version with just a few keystrokes.”
The Checkmarx SCA integration is available in the IntelliJ IDEA 2022.1 GA release.