Back to News

News  |  November 7, 2018

Checkmarx Acquires Custodela to Bring Enhanced Automation to DevSecOps Programs

Customers will benefit from expert services in software security deployment and automation to mitigate software exposure risk across the SDLC

RAMAT GAN, Israel–(BUSINESS WIRE)–Checkmarx, the Software Exposure Platform for the enterprise, today announced that it has acquired Custodela, an Ontario-based provider of software security program development and consulting services focused on DevSecOps.

The acquisition positions Checkmarx to uniquely empower CIOs and CISOs in accelerating the maturity of their DevSecOps programs with expert services for software security deployment and automation.

“While enabling organizations to develop software with more efficiency and speed, the DevOps process also dramatically expands risk through software exposure,” said Emmanuel Benzaquen, CEO, Checkmarx. “Custodela’s expertise in software security architecture and software development extends Checkmarx’s reach deeper into the DevSecOps program development and services space. The team’s methodologies will support and contribute towards Checkmarx’s mission to transform software security to help businesses fight software exposure and deliver secure software faster.”

According to Gartner, “DevSecOps, modern web application design and high-profile breaches are affecting the growing application security testing market. Security and risk management leaders will need to meet tighter deadlines and test more complex applications by integrating and automating AST in the software life cycle. … By 2019, more than 50% of enterprise DevOps initiatives will have incorporated application security testing (AST) for custom code, an increase from fewer than 10% today.”1

“Implementing automation into DevSecOps processes is a critical challenge for most organizations,” said Ken McDonald, CTO and co-founder, Custodela. “We are excited to join Checkmarx to help advance the automation capabilities in the Software Exposure Platform and deliver premium service offerings to help customers mature their software security programs.”

Only Checkmarx enables businesses to take a comprehensive, unified approach to managing software exposure at the speed of DevOps. Unlike siloed, gate-based application security approaches, Checkmarx gives organizations a more holistic, platform-centric approach where security is driven from a business context perspective and implemented effectively and continuously through automation. In turn, Checkmarx supports all stages of the software development lifecycle while bridging the gaps between senior management and business stakeholders, development, DevOps and operations.

Gartner, Magic Quadrant for Application Security Testing, 19 March 2018 ID: G00327353

About Custodela
Custodela is a provider of software security program development and consulting services focused on DevSecOps. Formed by a group of senior security professionals, Custodela helps organizations mature their DevOps programs by integrating application security platforms into the DevOps lifecycle with continuous automation and developer feedback. For more information, visit

About Checkmarx
Checkmarx is the Software Exposure Platform for the enterprise. Over 1,400 organizations around the globe rely on Checkmarx to measure and manage software risk at the speed of DevOps. Checkmarx serves five of the world’s top 10 software vendors, four of the top American banks, and many government organizations and Fortune 500 enterprises, including SAP, Samsung, and Learn more at