• ConnectorX aims to resolve conflicts between security and developer teams, tackling what Cycode refers to as “AppSec Chaos.”
  • Through ConnectorX, organizations can seamlessly integrate any AppSec solution and achieve precise, real-time insight into their security posture within minutes.

ConnectorX, an open, click-and-consume application security posture connector capability that includes multiple cybersecurity solutions and improvements to its Risk Intelligence Graph for more intelligent, risk-based prioritization, was recently unveiled by DevOps security startup Cycode Ltd.

In addition to the more than 40 software development lifecycle integrations currently available, ConnectorX is now available with support for Wiz Inc. and Black Duck by Synopsys Inc. Businesses can choose to utilize Cycode’s native ASPM tools or make the most of their investments in their current AppSec tools. Businesses can quickly obtain precise, real-time visibility into their security posture by plugging in any AppSec solution with ConnectorX.

Creating what Cycode refers to as “AppSec Chaos,” ConnectorX aims to resolve disputes between security and development teams.

Research Vice President of DevOps and DevSecOps at IDC, Jim Mercer, said, “Today, many organizations face hefty application security backlogs packed with mis-prioritized security findings and inadequate resources to address them while the application attack surface continues to expand. These organizations can improve visibility and agility across application security and the pipelines supporting those applications by using solutions such as the Cycode ASPM platform, which takes a multidimensional approach tracking the risk posture of the application.”

Improvements to Cycode’s RIG, which makes use of ConnectorX and Cycode’s native security solutions, automate vulnerability discovery, prioritization, remediation, and offer full code to cloud traceability. The RIG’s risk scoring capabilities, a vital part of its prioritization engine that supports its ability to focus on the 1% of critical vulnerabilities that matter most to the organization, have been improved with this release.

With the two latest announcements, Cycode highlights the potential for consolidation. Through the Cycode Complete ASPM, companies have the flexibility to leverage Cycode’s native scanning solutions, including Static Application Security Testing, Software Composition Analysis, Infrastructure as Code, and Secrets. Alternatively, they can continue using their current solutions. Businesses that have the freedom to select can handle the pressure, expense, inefficiencies, and decisions made by developers due to the abundance of separate, vendor-locked security tools ranging from cloud to code.

Co-founder and Chief Executive Officer of Cycode, Lior Levy, said ahead of the announcement, “We believe developer security is a team sport not just between security and development teams, but industry-wide. This belief fuels our research and development efforts and was core to our decision to create ConnectorX, which ensures companies can finally have the visibility always needed in a single platform.”

Founded in 2019, Cycode is a venture capital-backed startup that has raised USD 80.6 million in funding, including a USD 56 million round in November 2021. YL Ventures GP Ltd and Insight Partners Management LLC are among the investors.