Checkmarx Container Security

Checkmarx Container Security provides security scanning and monitoring for containerized applications throughout the software development lifecycle. The product scans container images to identify vulnerabilities, outdated versions, insecure dependencies, legal issues, malware, misconfigurations, and compliance risks across base images, software dependencies, and application code layers. The solution correlates pre-production and runtime data to identify exploitable vulnerabilities in running container images, reducing alert noise by up to 95%. It enables vulnerability triage by allowing users to edit severity per project, update severity levels and statuses, and maintain detailed audit trails for remediation tracking. The product identifies container image vulnerabilities and recommends safer base images to help developers select more secure foundations for their applications. It breaks down container images into visible layers to enable developers to pinpoint vulnerabilities and take targeted remediation actions. Checkmarx Container Security provides detailed vulnerability distribution and runtime analysis through a Results View, along with Scan Risk Reports that summarize findings with severity details. Reports can be downloaded in various formats for risk management and compliance purposes. The solution integrates with CI/CD pipelines and includes a Docker Extension that scans images, provides feedback, and enables early vulnerability fixes during development.