On March 3, 2026, Archipelo and Checkmarx announced a strategic collaboration aimed at enhancing application security processes by integrating development-origin insights with vulnerability data. The partnership was revealed in San Francisco, CA, at CyberNewswire, marking a significant advancement in software security.
Enhancing Vulnerability Insights
Traditional application security platforms are designed to detect and rank vulnerabilities within software repositories and pipelines. However, these systems often lack the ability to track the origins of changes or the conditions under which vulnerabilities were introduced. Understanding the development context, such as the identity of the developer and the involvement of AI tools, is increasingly vital for accurate remediation.
This collaboration focuses on bridging this gap by aligning vulnerability findings with development-origin signals derived from the software creation process. These signals encompass developer identities, workflow metadata, and code provenance, offering a comprehensive view of how vulnerabilities enter the system.
Integrating Development Context
The integration of development-origin context into application security workflows allows for a more nuanced approach to vulnerability management. By incorporating evidence from the creation phase, security teams can align remediation efforts with the precise conditions that led to vulnerabilities, rather than relying solely on post-incident analysis.
Archipelo’s Developer Security Posture Management (DevSPM) and Checkmarx’s Application Security Posture Management (ASPM) together create a robust framework for analyzing both the existence of risks and their introduction conditions. This synergy enables organizations to prioritize security measures based on empirical evidence rather than assumptions.
Future Outlook and Webinar
Matthew Wise, CEO of Archipelo, emphasized the importance of understanding how vulnerabilities enter the system, highlighting the partnership’s role in connecting vulnerability detection with development context. Ori Bendet, VP of Product Management at Checkmarx, noted that this integrated approach provides security teams with the necessary context to act decisively and efficiently.
The two companies will further elaborate on this innovative approach in a joint webinar scheduled for March 11, 2026. Interested parties can find registration details on their respective websites.
Archipelo specializes in associating code changes with developers and AI-assisted workflows across source control and CI/CD systems, while Checkmarx focuses on delivering comprehensive application security solutions. Together, they aim to enhance risk management capabilities for enterprises navigating the complexities of modern software development.
