We performed a comparison between Checkmarx One and NowSecure based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"From my point of view, it is the best product on the market."
"The most valuable feature is the application tracking reporting."
"The report function is the solution's greatest asset."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The SAST component was absolutely 100% stable."
"The most valuable feature is the ability to download an application without actually putting in the APK. It gives us an option to put the APK in if we want to but we can download it from the App Store and Play Store."
"If it is a very large code base then we have a problem where we cannot scan it."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"Micro-services need to be included in the next release."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"The pricing can get a bit expensive, depending on the company's size."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"In this solution, there are two kinds of testing, static analysis, and dynamic analysis. There needs some improvement in testing with dynamic analysis because I have found it is not accurate"
Earn 20 points
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while NowSecure is ranked 33rd in Static Application Security Testing (SAST). Checkmarx One is rated 7.6, while NowSecure is rated 7.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NowSecure writes "Scalable and reliable, but dynamic analysis needs improvement". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NowSecure is most compared with Veracode, Data Theorem API Secure , Acunetix and GitLab.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.