Federal agencies now have access to a FedRAMP High cloud-native application security platform, setting a new standard for secure development
Checkmarx, the leader in agentic AI-powered application security testing that helps enterprise developers build trust at scale and speed, has officially achieved FedRAMP Ready at the High Impact Level for its Checkmarx One for Government application security platform, the most stringent baseline for FedRAMP cloud systems. This milestone reflects Checkmarx’s commitment to delivering secure-by-design solutions for public sector organizations and its investment in supporting the most mission-critical government workloads. It also makes Checkmarx the first AppSec platform to reach the Ready status at the High Impact Level that includes full coverage for the software development lifecycle (SDLC).
Checkmarx One for Government has achieved FedRAMP High Ready status — the first AppSec platform with full SDLC coverage to do so.
In addition to being recognized on the FedRAMP Marketplace as High Baseline Ready, Checkmarx has completed a comprehensive Security Assessment Report (SAR) through an accredited Third-Party Assessment Organization (3PAO), providing federal stakeholders with early validation of the platform’s security posture. While a sponsoring agency has not yet been named, the availability of a 3PAO-reviewed SAR places Checkmarx in a uniquely advantageous position to accelerate the path toward full FedRAMP authorization.
This designation signifies Checkmarx’s successful completion of the Readiness Assessment, making Checkmarx One for Government a candidate for full FedRAMP Authorization. The platform offers a comprehensive suite of security features, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), Malicious Package Detection, Infrastructure as Code (IAC) Security, Container Security, and Application Security Posture Management (ASPM).
By pursuing the High Impact Level from the outset, which requires nearly 100 additional security controls over the Moderate Impact Level, Checkmarx One for Government aims to support the evolving compliance, Zero Trust, and cybersecurity resilience goals of U.S. federal agencies.
“The administration’s recent Executive Order on strengthening the nation’s cybersecurity doubles down on the implementation of secure software development practices, highlighting the importance of comprehensive application security,” said Checkmarx CEO Sandeep Johri. “Our pursuit of FedRAMP High underscores our alignment with the Executive Order and signals our long-term commitment to serving the most security-sensitive government workloads while also benefiting our private-sector customers. We’re proud to enable agencies to protect their most critical applications with the only FedRAMP High application security platform available to the federal government.”
Checkmarx One for Government also includes Application Security Posture Management (ASPM), which enables developers to prioritize all vulnerabilities identified by the platform. ASPM provides a unified view of application security risks, which facilitates proactive vulnerability management, ensures compliance, and enhances security throughout the application lifecycle.
Catch more CIO Insights: CIOs and the Inferencing Economy: Planning for a Future Where AI is Always On
[To share your insights with us, please write to psen@itechseries.com ]
