We performed a comparison between Checkmarx One and GitHub based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI is user-friendly."
"The most valuable feature for me is the Jenkins Plugin."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"Our static operation security has been able to identify more security issues since implementing this solution."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The report function is the solution's greatest asset."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The product has a good UI. It's simple and easy to access, and technical help is easily available. The two-factor authentication security is another valuable feature."
"The initial setup was easy."
"The best feature is the ability to track the history of all code changes, and it's easy to use. Additionally, as it's open source, anyone can use that feature resulting in distributed development. This opens the door to collaboration with different code and developer, feature, and master branches of development."
"Any complex banking can be handled very easily in GitHub. It allows us to integrate with tools like Grid, where we can merge and resolve conflicts without any hassle."
"The deployment is fast since we just have to run the script, and once it's done, it takes a few minutes."
"The code versioning is excellent, and having a detailed log, including every change made to the code by every developer, is invaluable. It makes it so that if there is a bug or problem in the product channel, we can find exactly where it happened and how to fix it."
"It has a lot of features from the code development perspective. You get a lot of features such as repo, commit, merge, and branch. You can play around and do things on the fly. It is easy and simple to deploy. It is also easier to use when working from home."
"This solution is very easy to use which I like about it. The capacity to own artifacts and share them with others is another good feature. You don't have to write all your code from scratch, you can use available templates and alter the code according to your needs."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"Updating and debugging of queries is not very convenient."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"The integration could improve by including, for example, DevSecOps."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"Micro-services need to be included in the next release."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"The UI is a little outdated, so that could be improved."
"GitHub could improve by being more user-friendly."
"There could be more integration into Azure."
"They're improving the work items to track the progress of the team, but in my experience, Azure DevOps is better in this functionality. GitHub needs to improve the form to track the progress of the work done by a team."
"GitHub needs to improve its UI."
"The solution needs some more controls for deleting code."
"Could be more user friendly."
"GitHub storage is one of the main requirements and it could improve."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while GitHub is ranked 13th in Application Security Tools with 64 reviews. Checkmarx One is rated 7.6, while GitHub is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and GitLab, whereas GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Atlassian SourceTree and IBM Rational ClearCase. See our Checkmarx One vs. GitHub report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.