Software & Apps

Checkmarx Unveils Self-Employment Security for Family Help Agent

AI generates code faster than teams can review it. Checkmarx, the leader in agent-based application security, today addressed that gap by introducing self-sustaining application security: autonomous agents that detect, fix, and validate vulnerabilities as developer code does.

Key Takeaways

  • Developer Assist now implements a continuous loop of discovery and correction directly from AI coding tools with hooks, catching and fixing vulnerabilities as code is written with up to 70% manual correction effort.
  • Triage and Remediation agents automatically prioritize what’s already in the codebase and generate fixes that are ready for integration, cutting manual calibration and speeding up developer productivity.

Closing the Loop from Code to Backlog

According to Checkmarx’s 2026 Future of Application Security report, 96% of developers are now using AI coding tools, but only 18% are applying security continuously as they write code, a gap independent remediation is designed to close.

In a study Checkmarx released in independent researcher Weather Report, published in July 2026, boundary models produced working code 83% to 95% of the time, but only 24% to 36% of that code was both safe and functional. Even a post-mortem security review raised the safe and effective rate to only 47% to 56%, underscoring the gap that the standalone fix was designed to close.

“Security teams have spent a decade trying to keep up with how fast code is being written, and AI has just moved that pole again,” said Harshil Parikh, VP of Product Management at Checkmarx. “The only way to close that gap is to stop treating detection and correction as separate steps handled by different tools and let the system correct what it finds.”

“The goal is prevention — to create a continuous flow of clean code from scratch and independent fixes before the code reaches production,” said Jonathan Rende, chief product officer at Checkmarx. “With independent fixes, fixes are applied while developers are still writing the code, before it’s tested, and what’s in the pipeline is prioritized and accelerated without thinking about it.”

Developer Assist now works as a pre-commit for one maintenance loop. While an IDE, it works independently with hooks and MCP. Detects vulnerabilities, returns context to Checkmarx One, generates fixes and validates before code is deployed. Developers using IDEs like Cursor, Windsurf or Kiro or command line interface (CLI) and LLMs like Claude Code can get the same autonomous loop without changing tools.

Once the code reaches the backlog, the Test and Fix agents take over. They separate actionable risk from serious noise using real-world insights, what Checkmarx calls attacks, and create pull requests that are ready to merge for critical damage. Developers review and integrate each fix; AppSec maintains policy control and full traceability of all automated decisions.

Certified in Production at PatientPoint

PatientPoint, a long-time Checkmarx customer in the healthcare technology space, has been an early adopter of Remediation Assist. Faced with a growing vulnerability backlog as AI-assisted development accelerates the pace of code change, the company’s security team used an agent to translate large volumes of findings into a small number of pull requests ready to integrate for developers.

“Triage and Remediation Assist agents identified false positives and gave our developers a chance to review before integration; that’s exactly what we wanted,” said Femi Oyesanya, application security engineer at PatientPoint. “Our priority is protecting patient data, and this allows us to do that without reducing developer productivity or increasing token costs.”

Availability

Developer Assist standalone mode, as well as Triage Assist and Remediation Assist, are now generally available with Checkmarx One. To learn more, visit Checkmarx.com.

1 With dependency work and package development specifically, Safe Refactor’s developer power models reduce manual maintenance effort by nearly 70%, cutting a typical six-hour package development to 1.8 hours, which equates to $420 in developer time at $100 per hour.

SD Times Newswire

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button