Kristen Smith 
- Checkmarx has teamed with Carahsoft to bring an agentic application security platform to government buyers
- The AI-native platform consolidates security testing, open-source dependency checks, API protection and container scanning into one offering
- Checkmarx said the unified approach lets agencies drop fragmented tools and catch exploitable risks earlier
Checkmarx and Carahsoft Technology have entered into a distribution partnership that makes the agentic application security company’s platform available to government buyers through Carahsoft’s reseller network and contract vehicles.
Checkmarx said Wednesday public sector customers can access its offerings through the NASA Solutions for Enterprise-Wide Procurement V, E&I Cooperative Services and The Quilt contracts.
Jonathan Kozimor, Checkmarx’s vice president of channel Americas, said Carahsoft is an ideal partner to help agencies bake security into how they build software, citing its procurement know-how and reseller relationships.
What Does the Checkmarx Platform Offer Agencies?
Checkmarx offers an artificial intelligence-native platform that handles application security throughout the agentic development lifecycle. The product brings together capabilities for static and dynamic security testing, checking open-source dependencies, protecting application programming interfaces, scanning containers and infrastructure-as-code processes, and managing the overall security posture.
According to the company, the consolidated approach lets organizations retire fragmented tooling, concentrate on exploitable risks and resolve problems earlier, reducing rework as agencies contend with increasingly complex AI-driven and cloud-native environments. It added that the platform is built to integrate with existing DevOps workflows and real-time governance dashboards.
“As agencies continue to modernize their development environments, it is critical they have access to solutions that embed security throughout the software lifecycle,” said Brian O’Donnell, vice president of cybersecurity solutions at Carahsoft.
He noted that the partnership will help government organizations adopt a proactive posture that protects sensitive data while accelerating application delivery.
How Does the Deal Fit Carahsoft’s Cybersecurity Push?
Checkmarx is the latest in a string of security vendors Carahsoft has brought into its public sector catalog this year. The distributor signed on as Bugcrowd’s Master Government Aggregator in April, giving agencies a procurement path to the firm’s Federal Risk and Authorization Management Program Moderate-authorized crowdsourced security platform, which supports bug bounty programs, vulnerability disclosure, penetration testing and red teaming.
In March, Carahsoft agreed to distribute Lastwall’s quantum-resilient, zero trust identity tools as federal agencies face increasing pressure to meet zero trust compliance deadlines. Other recent additions to its roster include AccuKnox, Certes, ColorTokens, Zifino, RAD Security and Dataminr.
