{"id":98385,"date":"2024-10-21T09:13:35","date_gmt":"2024-10-21T09:13:35","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?post_type=learn&#038;p=98385"},"modified":"2026-04-13T22:35:38","modified_gmt":"2026-04-13T20:35:38","slug":"the-misguided-pursuit-of-zero-vulnerability-applications","status":"publish","type":"learn","link":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/","title":{"rendered":"The Misguided Pursuit of Zero-vulnerability Applications\u00a0"},"content":{"rendered":"<p>Ever heard the expression, \u2018The perfect is the enemy of the good?\u2019<\/p>\n\n\n\n<p> This sentiment is certainly true when it comes to application security testing. <\/p>\n\n\n\n<p><a href=\"https:\/\/checkmarx.com\/blog\/devsecops-what-devops-needs-to-be-when-it-grows-up\/\">DevSecOps <\/a>teams can become so focused on removing every vulnerability, misconfiguration, or flawed line of code, that they can\u2019t get a product or a feature release out the door.&nbsp;<\/p>\n\n\n\n<p>According to a recent Gartner <a href=\"https:\/\/www.gartner.com\/en\/documents\/5768115\">report<\/a>, <em>\u201cPerfect application security isn\u2019t possible and, in the misguided pursuit of zero-vulnerability applications, heavyweight security testing becomes an obstacle to the speed of digital business.\u201d<\/em><\/p>\n\n\n\n<p>Let\u2019s dive into Gartner\u2019s thoughts more closely, and discuss how an application security platform can help businesses to better prioritize to ensure risk reduction without negatively impacting developer velocity.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-1\">What is Zero-vulnerability?<\/h2>\n\n\n\n<p>First, let\u2019s understand what we mean when we talk about zero vulnerability, not to be confused with <a href=\"https:\/\/checkmarx.com\/learn\/vulnerability-management\/what-is-vulnerability-management\/\">zero-day<\/a> vulnerability.<\/p>\n\n\n\n<p>While a zero-day vulnerability is a security flaw which is unknown to the software developer or vendor, and as a result has no known fix or patch available, when we use the term zero vulnerability, we mean exactly what the term suggests &#8211; no flaws or vulnerabilities. <\/p>\n\n\n\n<p>As such, an application which is zero-vulnerability has no risk at all.&nbsp;<\/p>\n\n\n\n<p>Anyone who has ever worked in a software development environment knows that this ask is pretty much impossible.<\/p>\n\n\n\n<p>No application can be truly zero vulnerability, due to a number of factors, including:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Software complexity:<\/strong> Modern applications may have millions of lines of code, and provenance over this code can change over time. The more complex the code, the more likely there will be errors or vulnerabilities due to connected components.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Attack landscape: <\/strong>The way threat actors behave and their Tools, Tactics and Procedures are changing all the time. Even previously secure code may become vulnerable to new exploits over time.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Dependencies:<\/strong> Applications may rely on third-party libraries, registries, frameworks or modules to simplify development or to add functionality with greater ease. If a third-party component is vulnerable, so is the application which leverages it.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Developer expertise: <\/strong>Developers are not security experts, and nor should they have to be. Even if the company has an extensive testing and code review regimen, vulnerabilities can still occur.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Unknown vulnerabilities:<\/strong> As well as zero-day vulnerabilities, applications may interact with an external system such as the operating system or hardware. When changes occur there, developers may not have considered the impact.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Usability: <\/strong>Developers may prioritize the UI of the software, and fail to balance the need for security with performance and usability. Security leaders need to consider whether features built to be user-friendly may open the environment to risk.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Despite the impossibility of a zero-vulnerability application, many organizations are still attempting to uncover this holy grail, and implement processes in their development environment which will allow apps to be totally risk-free. <\/p>\n\n\n\n<p>This cannot help but slow down the pace of development, and negatively impact developer velocity. No wonder Gartner calls this pursuit \u201cmisguided\u201d!&nbsp;<\/p>\n\n\n\n<p><strong>It\u2019s no surprise to see that Gartner have found 41% of security leaders say a top three blocker to achieving good security outcomes is that software engineers often deprioritize security tasks in favor of delivery speed.&nbsp;<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-2\">Finding a Balance: How to Prioritize to Enable a DevSecOps Culture that Works<\/h2>\n\n\n\n<p>Instead of attempting to find the route to create the mythical zero-vulnerability application, Gartner\u2019s advice is to <em>\u201cFocus developers first on known vulnerabilities with the greatest risk and confidence levels by using tools that push prioritization features such as risk metrics.\u201d<\/em><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh7-rt.googleusercontent.com\/docsz\/AD_4nXccbM7L3VuG76OPgaX-qiFrdsDJs5q59NYGVPETcgPaVoDz5wVSHK9zpuSn52SDfQhNHQ7eg6dpu6FkU590d3FiUXq9Z5M_e64f8qYlktfa8v5eea9QvfJTAYnvl-BUCLlhIS_drp0fVq1hjlZBw_8mCtlE?key=I82AB8ANySCVBw2t3OhWKQ\" alt=\"Risk-based Prioritization Gartner Report\"><figcaption class=\"wp-element-caption\">Source: Gartner &#8220;Streamline Your DevSecOps Profile&#8221; Report<\/figcaption><\/figure>\n\n\n\n<p>What do we mean by the greatest risk and confidence levels? In short, it means implementing risk-based prioritization that considers how likely it is that a security incident will occur, and maps that against the impact on the business. Items that fall in the top-right quadrant, as very impactful and very likely to occur should be prioritized for remediation.&nbsp;<\/p>\n\n\n\n<p>Gartner suggests using risk factors including known vulnerabilities, the probability of the exploit, the health and reputational analysis you have, your specific attack surface, the operational impact of an attack on this asset, and the extent to which the application or code will be used.<\/p>\n\n\n\n<p>One area to focus on according to Gartner is known vulnerabilities in third-party code. Developers often make heavy use of public repositories, registries and sources that provide them with pre-built components, libraries, containers and frameworks, and in the era of Generative AI, much more. Gartner notes that in this landscape, <em>\u201ccustom code can become a minority percentage of the code in a modern application.\u201d<\/em> With this in mind, an application security platform needs to go further than scanning custom code, and include tools for automatically scanning third-party OSS packages, libraries, and any other third-party components in use.<\/p>\n\n\n\n<p><strong>Gartner\u2019s checklist for assessing apps for known vulnerabilities include:&nbsp;<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The developers unit of work, including the VM, container and machine image.&nbsp;<\/li>\n\n\n\n<li>All source code for embedded OSS code that has known vulnerabilities<\/li>\n\n\n\n<li>All Operating System files, executables and dynamic link libraries and all platform files<\/li>\n\n\n\n<li>Third party commercial libraries and common applications<\/li>\n\n\n\n<li>Configuration vulnerabilities, including all processes and services running and ports open\/closed.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-3\">Understanding how Checkmarx Uses Exploitability for Prioritization in Software Composition Analysis<\/h2>\n\n\n\n<p>At Checkmarx, we know that while the best practice may be to only use secure components and packages, in reality \u2014 not everything can be done at once, and there will always be a security backlog. We use the concept of exploitability to help developers with risk-based prioritization and the right metrics to recognize where efforts should be placed first. This means that crucial security efforts are far less likely to be deprioritized in favor of getting a release out the door, as teams are given the insight and vantage point to understand what\u2019s really important.&nbsp;<\/p>\n\n\n\n<p>First, we make sure to support metrics including Known Exploited Vulnerabilities (KEV) and Exploit Prediction Scoring System (EPSS). Similarly to the Gartner approach above, metrics like these weigh the likelihood of an exploit occurring based on risk factors such as vendor response and availability. A zero-day vulnerability would have an extremely high EPSS, while an exploit that has a known fix would be a lot lower, as just one example.&nbsp;<\/p>\n\n\n\n<p>Checkmarx One also offers you the ability to visualize the <a href=\"https:\/\/checkmarx.com\/blog\/software-composition-analysis-why-exploitable-path-is-imperative\/\">Exploitable Path<\/a>, uncovering exactly what\u2019s being used by each software package. If for example there is a vulnerable element but you\u2019re not using it in your configuration \u2014 you\u2019re safe to deprioritize remediation for now. While we may always recommend using secure software packages, you can make smart decisions around how to manage your own level of risk, with all the information at your fingertips.&nbsp;<\/p>\n\n\n\n<p>As well as scanning custom code using SAST, and implementing container security, IaC security and more, Checkmarx One is built to support DevSecOps teams with the evolving development landscape. As Gartner attest \u2014 the reliance on third-party software components is a large part of that. Checkmarx One\u2019s Software Composition Analysis is more than just a catalog of software packages and their vulnerabilities, it gives you the visibility into exploitability so that you can implement a thorough risk-based prioritization strategy in your organization.&nbsp;<\/p>\n\n\n\n<p><em>Stop looking for zero-vulnerability applications, and start uncovering the <\/em><strong><em>relevant<\/em><\/strong><em>-vulnerability applications with a <\/em><a href=\"https:\/\/checkmarx.com\/request-a-demo\/\"><em>demo of Checkmarx One.&nbsp;<\/em><\/a><\/p>","protected":false},"author":92,"featured_media":98489,"parent":0,"menu_order":0,"template":"","meta":{"_acf_changed":false,"footnotes":""},"learn-cat":[861],"class_list":["post-98385","learn","type-learn","status-publish","has-post-thumbnail","hentry","learn-cat-developers"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The Misguided Pursuit of Zero-vulnerability Applications\u00a0<\/title>\n<meta name=\"description\" content=\"Discover the misconceptions surrounding zero-vulnerability applications in DevSecOps. Learn how to build a robust security culture, prioritize practical risk mitigation, and achieve a balance between security and development efficiency.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Misguided Pursuit of Zero-vulnerability Applications\u00a0\" \/>\n<meta property=\"og:description\" content=\"Discover the misconceptions surrounding zero-vulnerability applications in DevSecOps. Learn how to build a robust security culture, prioritize practical risk mitigation, and achieve a balance between security and development efficiency.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-13T20:35:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1792\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/\"},\"author\":{\"name\":\"Jonathan Singer\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/12874993aa841b57e429c631b192aa19\"},\"headline\":\"The Misguided Pursuit of Zero-vulnerability Applications\u00a0\",\"datePublished\":\"2024-10-21T09:13:35+00:00\",\"dateModified\":\"2026-04-13T20:35:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/\"},\"wordCount\":1232,\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/\",\"url\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/\",\"name\":\"The Misguided Pursuit of Zero-vulnerability Applications\u00a0\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg\",\"datePublished\":\"2024-10-21T09:13:35+00:00\",\"dateModified\":\"2026-04-13T20:35:38+00:00\",\"description\":\"Discover the misconceptions surrounding zero-vulnerability applications in DevSecOps. Learn how to build a robust security culture, prioritize practical risk mitigation, and achieve a balance between security and development efficiency.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg\",\"width\":1792,\"height\":1024,\"caption\":\"Developers hero image\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/12874993aa841b57e429c631b192aa19\",\"name\":\"Jonathan Singer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_92.jpg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_92.jpg\",\"caption\":\"Jonathan Singer\"},\"url\":\"https:\/\/checkmarx.com\/author\/jonathansinger\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Misguided Pursuit of Zero-vulnerability Applications\u00a0","description":"Discover the misconceptions surrounding zero-vulnerability applications in DevSecOps. Learn how to build a robust security culture, prioritize practical risk mitigation, and achieve a balance between security and development efficiency.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/","og_locale":"en_US","og_type":"article","og_title":"The Misguided Pursuit of Zero-vulnerability Applications\u00a0","og_description":"Discover the misconceptions surrounding zero-vulnerability applications in DevSecOps. Learn how to build a robust security culture, prioritize practical risk mitigation, and achieve a balance between security and development efficiency.","og_url":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2026-04-13T20:35:38+00:00","og_image":[{"width":1792,"height":1024,"url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@checkmarx","twitter_misc":{"Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#article","isPartOf":{"@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/"},"author":{"name":"Jonathan Singer","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/12874993aa841b57e429c631b192aa19"},"headline":"The Misguided Pursuit of Zero-vulnerability Applications\u00a0","datePublished":"2024-10-21T09:13:35+00:00","dateModified":"2026-04-13T20:35:38+00:00","mainEntityOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/"},"wordCount":1232,"publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/","url":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/","name":"The Misguided Pursuit of Zero-vulnerability Applications\u00a0","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg","datePublished":"2024-10-21T09:13:35+00:00","dateModified":"2026-04-13T20:35:38+00:00","description":"Discover the misconceptions surrounding zero-vulnerability applications in DevSecOps. Learn how to build a robust security culture, prioritize practical risk mitigation, and achieve a balance between security and development efficiency.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/learn\/developers\/the-misguided-pursuit-of-zero-vulnerability-applications\/#primaryimage","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/The-Misguided-Pursuit-of-Zero-vulnerability-Applications.jpg","width":1792,"height":1024,"caption":"Developers hero image"},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]},{"@type":"Person","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/12874993aa841b57e429c631b192aa19","name":"Jonathan Singer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_92.jpg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_92.jpg","caption":"Jonathan Singer"},"url":"https:\/\/checkmarx.com\/author\/jonathansinger\/"}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/98385","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/learn"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/92"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/98385\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media\/98489"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=98385"}],"wp:term":[{"taxonomy":"learn-cat","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn-cat?post=98385"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}