DEVELOPER?
Secure your code universe

Application security is a vast galaxy. Checkmarx DevHub can
help you navigate through it.

For developers by developers

ChainAlert

Receive immediate notification if any of your npm packages are compromised by package hijacking!
- npm
- OSS
- SCA
- Supply Chain Security
Cool, I want it And I'll get it
JetBrains IDE

Identify vulnerable open-source dependencies and get remediation recommendations as you code in your favorite IDE
- Free download
- IDE plugin
- SCA
- Supply Chain Security
Cool, I want it And I'll get it
ChainJacking

Your Golang direct GitHub dependencies may be susceptible to ChainJacking attacks!
- Free download
- Supply Chain Security
Cool, I want it And I'll get it
KICS CLI

Integrate Infrastructure as Code (IaC) security into your SDLC
- CLI Tool
- Free download
- IaC
Cool, I want it And I'll get it
KICS SaaS

Is your Infrastructure as Code (IaC) vulnerable to attacks?
- IaC
Cool, I want it And I'll get it
KICS Auto Scanning VS Code Extension
- Free download
- IaC
- IDE plugin
Cool, I want it And I'll get it
DustiLock

Are your open-source dependencies susceptible to Dependency Confusion Attacks?
- OSS
- Supply Chain Security
Cool, I want it And I'll get it
OWASP ZAP

Zed Attack Proxy (ZAP) is a free flexible and extensible open-source penetration testing tool, designed specifically for testing web applications

Cool, I want it And I'll get it

Explore Advisory

Severity High Score 7.5/10

CVE-2022-37734

Uncontrolled Resource Consumption in com.graphql-java:graphql-java - CVE-2022-37734

Graphql-java prior to 17.4, 18.x prior to 18.3 and 0.0.0-2021-05-04T21-12-03-d3ac10b0 prior to 0.0.0-2022-07-26T05-45-04-226aabd9 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources.
New blogpost

From Zero to AppSec Anti-Hero: How AI Brings More Security Issues Than It Fixes
Upcoming Event
Virtual Developer Workshops - NA/EMEA

Explore real-world source code and third-party library vulnerabilities and how Checkmarx empowers Developers to quickly and easily remediate them
- Date May 04 2023, 11:00
- Location Online
Check this Tool
ChainJacking

Your Golang direct GitHub dependencies may be susceptible to ChainJacking attacks!
- Free download
- Supply Chain Security
Upcoming Event
Virtual Developer Workshops APAC

Explore real-world source code and third-party library vulnerabilities and how Checkmarx empowers Developers to quickly and easily remediate them
- Date May 04 2023, 09:00
- Location Online