Checkmarx Unveils Developer Assist Agent for AI-Native IDEs, Enhancing Real-Time Code Security

Checkmarx has launched Checkmarx One Developer Assist, a security agent that delivers real-time prevention, remediation, and guidance to developers from AI-native Integrated Development Environments (IDEs) such as Windsurf, Cursor, and GitHub Copilot. The agent aims to ensure protection starts at the source, whether generated by humans or AI, and provides seamless access to autonomous, real-time prevention and instant remediation through the primary development environment.

Checkmarx has introduced Checkmarx One Developer Assist, an advanced security agent designed to provide real-time prevention, remediation, and guidance to developers working within AI-native Integrated Development Environments (IDEs) such as Windsurf, Cursor, and GitHub Copilot. The new agent aims to ensure that security measures start at the source, whether the code is generated by humans or AI, and offers seamless access to autonomous, real-time prevention and instant remediation through the primary development environment.

The growing use of AI in code generation has led to an increase in vulnerabilities that traditional security approaches struggle to keep pace with. Checkmarx One Developer Assist addresses this challenge by providing developers with the tools they need to identify and remediate security issues in real-time. The agent is part of the Checkmarx One platform, which scans over six trillion lines of code each year, making it a powerful tool for large-scale, hybrid human and AI-assisted development teams [1].

The initial plugins for Checkmarx One Developer Assist are built for popular AI-native coding tools, including Windsurf, Cursor, and GitHub Copilot. These plugins enable developers to access autonomous, real-time prevention and instant remediation directly from their IDEs. Early access to the Developer Assist agent has shown promising results, with enterprise customers in healthcare, financial services, and consumer products reporting easier access to accurate and complete threat alerts with faster remediation [1].

Contrast Security, another leading player in application security, has also expanded its offerings to include new integrations that enhance runtime security and faster remediation. Contrast ADR, the company's Application Detection and Response platform, has seen strong adoption, with 40% of its customers now using the service. The Northstar release of the platform introduced SmartFix, an agentic AI that auto-generates validated code fixes, and Deployment Hub with Flex Agent, which simplifies scaling ADR across complex enterprise environments [2].

The integration of GitHub Copilot with Contrast ADR allows developers to apply AI-generated fixes that are validated by live runtime evidence. This integration bridges the gap between detection and developer action, delivering ready-to-review pull requests that are both context-aware and safe for production [2]. Additionally, the integration of Sumo Logic with Contrast ADR enables Security Operations Center (SOC) teams to gain real-time visibility into exploit attempts and vulnerable code paths, enriching existing SIEM workflows with application-layer context [2].

Both Checkmarx and Contrast Security are positioning themselves to meet the growing demand for real-time application security solutions that can keep up with the speed of AI code generation. By providing developers with the tools they need to identify and remediate security issues in real-time, these companies aim to enhance the overall security posture of modern software development.

References:
[1] https://www.businesswire.com/news/home/20250805058536/en/Checkmarx-Enables-Real-Time-Code-Security-with-Launch-of-Developer-Assist-Agent-for-AI-Native-IDEs
[2] https://www.morningstar.com/news/business-wire/20250804738081/contrast-adr-marks-one-year-with-surging-growth-expands-reach-with-new-developer-and-secops-focused-integrations