Archipelo and Checkmarx Unveil Key Partnership for AppSec Enhancement

Introduction

In a bid to strengthen security within software development, Archipelo and Checkmarx have forged a new partnership. This collaboration aims to link application security findings with key developer activity, offering enhanced insight into how vulnerabilities manifest in modern software delivery workflows.

Focus of the Partnership

The core of this partnership centers around merging application vulnerability detection with a robust understanding of the development environment. Often, application security platforms highlight risks and vulnerabilities across repositories and pipelines but lack the ability to provide insights into how those risks entered the codebase. With this partnership, both companies aim to change that paradigm. By introducing visibility into developer identity and the conditions surrounding code contributions, organizations can now address vulnerabilities with a clearer understanding of their origins.

Need for Context in Vulnerability Management

In today's landscape, software is increasingly built with a blend of human input and AI-assisted coding. This evolution necessitates a shift in how organizations investigate security incidents. When a vulnerability is detected, it’s vital to know who made changes, whether AI tools were involved, and what workflow conditions prevailed. This is where the synergy between Archipelo and Checkmarx comes into play. By correlating vulnerability data with information derived from the development process, security teams gain a comprehensive view of risk – one that goes beyond the superficial identification of issues.

Technological Innovations

Both Archipelo and Checkmarx bring unique technologies to the table. Archipelo focuses on Developer Security Posture Management (DevSPM), emphasizing the importance of observable actions taken by developers during software creation. Meanwhile, Checkmarx specializes in application security testing combined with Application Security Posture Management (ASPM), enabling organizations to pinpoint and manage software risks effectively. By merging these domains, the partnership allows for not only the identification of risks but also a deeper understanding of how and why they emerged within the software’s framework.

Insights from the Leadership

Matthew Wise, CEO of Archipelo, articulated the importance of this collaboration, stating, "Vulnerability detection establishes that risk exists. Development context shows how the change entered the system — including the identity, actions, and AI-assisted conditions present during creation." This perspective highlights the critical need for organizations to make remediation choices based on concrete evidence rather than retrospective analysis. Meanwhile, Ori Bendet, VP of Product Management at Checkmarx, emphasized the need for speed and confidence in remediation decisions, stating, "By combining Checkmarx's application risk insights with Archipelo's development-origin context, security teams gain a clearer understanding of how risk enters the software lifecycle."

Webinar Announcement

To further delve into the details of this partnership, Archipelo and Checkmarx will host a joint webinar on March 11, 2026. This webinar aims to outline their combined approach in detail and illustrate how organizations can leverage these new capabilities effectively. Interested participants can find registration details online at Archipelo's official website.

About Archipelo and Checkmarx

Archipelo stands out in the industry for its focus on Developer Security Posture Management, combining code changes with the actions of developers and their AI-assisted workflows. Similarly, Checkmarx occupies a pivotal role in application security, offering extensive tools for identifying and managing software risks across diverse development ecosystems. Their collective expertise promises to deliver unprecedented insights into software security, helping organizations navigate the complexities of modern development practices.

Concluding Thoughts

As the software development landscape continues to evolve, collaborations such as this one between Archipelo and Checkmarx highlight the importance of integrating security practices into every aspect of the development process. Organizations no longer need to settle for mere identification of vulnerabilities. Instead, with enhanced context, they can actively cultivate a secure development environment, thus safeguarding against future risks.