Checkmarx One Developer Assist

1. Developer writes code that concatenates user input directly into an SQL query.

2. Checkmarx One Developer Assist identifies the potential SQL injection vulnerability in real-time.

3. The tool provides a secure code suggestion to use parameterized queries instead of string concatenation.

4. Developer accepts the suggestion, and the vulnerability is remediated before the code is committed.

5. A report is generated, showing the resolved vulnerability.

1. Checkmarx One identifies a vulnerable version of Log4j in the project's dependencies using SCA.

2. Developer Assist alerts the developer to the vulnerability and its potential impact.

3. The tool suggests upgrading to a patched version of Log4j.

4. The developer updates the dependency, and Developer Assist verifies the update.

5. The integrated system validates the security status.

1. A developer writes an IaC template (e.g., Terraform, CloudFormation) with overly permissive security group rules.

2. Checkmarx One scans the IaC template and identifies the misconfiguration.

3. Developer Assist suggests hardening the security group rules to follow the principle of least privilege.

4. The developer applies the suggested changes.

5. Subsequent system deployment is more secure.

1. A developer writes code that renders user-supplied data without proper sanitization.

2. Checkmarx One detects the XSS vulnerability.

3. Developer Assist suggests using appropriate encoding or escaping functions.

4. The developer implements the suggested fix, and Developer Assist confirms the vulnerability is resolved.

5. System behavior is more secure.