Checkmarx’s new SAST engine isn’t about the LLM. It’s about what happens after.
Relevance: 7.7

Score breakdown
Technical depth: 8
Novelty: 7
Actionability: 8
Community: 6
Strategic: 8
Personal: 9
Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.
New SAST engine with LLM, relevant to DevSecOps and platform engineering.
Summary
Checkmarx's new SAST engine orchestrates three components: a deterministic rules scanner, an LLM fine-tuned on security data, and a Findings Analysis Engine (FAE) that classifies findings as true or false positives before results reach developers. The company claims an F1 score of 0.499 (versus an average of 0.20) and reports 327 true positives that a leading frontier model missed across four production codebases. The differentiator is the orchestration layer, not the LLM itself: it addresses the noise from AI-generated code, which has increased commit volume by 1-1.5x.