Archipelo and Checkmarx Announce Partnership Connecting AppSec Detection with DevSPM

Archipelo and Checkmarx today announced a technical partnership focused on correlating application vulnerability findings with development-origin context within modern software delivery workflows.

Application security platforms identify and prioritize vulnerabilities across repositories and pipelines. These systems indicate where risk exists but typically do not capture how a change entered the codebase or what development conditions contributed to its introduction.

Modern production software is created through a combination of human developers and AI-assisted coding workflows. During investigation and remediation, organizations increasingly need to determine which identity initiated a change, whether AI tooling participated, and what workflow conditions were present at the time of creation.

The partnership enables correlation between vulnerability findings and development-origin signals derived from software creation activity. These signals include developer identity association, workflow metadata, and code provenance information observable during the development process.

This approach introduces development-origin context into existing application security workflows, allowing investigation processes to incorporate recorded ...