We performed a comparison between Checkmarx One and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It shows in-depth code of where actual vulnerabilities are."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"The most valuable feature for me is the Jenkins Plugin."
"The user interface is modern and nice to use."
"Apart from software scanning, software composition scanning is valuable."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The solution is scalable, but other solutions are better."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The solution's most valuable feature is that it is compatible with GitHub. The product's integration capabilities are sufficient for our small company of 35 people."
"The stability is good."
"Their CI/CD engine is very mature. It's very comprehensive and flexible, and compared to other projects, I believe that GitLab is number one right now from that perspective."
"GitLab's best features are continuous integration and fast deployment."
"GitLab is very useful for pipelines, continuous integration, and continuous deployment. It is also stable."
"It is a speedy platform compared to the others I have used. I have also enjoyed using the platform as this solution offers a good user experience."
"A user friendly solution."
"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."
"Updating and debugging of queries is not very convenient."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"Meta data is always needed."
"We have received some feedback from our customers who are receiving a large number of false positives."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process."
"The solution could be faster."
"I would like configuration of a YML file to be done via UI rather than a code file."
"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."
"I've noticed an area for improvement in GitLab, particularly needing to go through many steps to push the code to the repository. Resolving that issue would make the product better. My team quickly fixed it by writing a small script, then double-clicking or enabling the script to take care of the issue. However, that quick fix was from my team and not the GitLab team, so in the next release, if an automatic deployment feature would be available in GitLab, then that would be good because, in Visual Studio, you can do that with just one click of a button."
"The tool should include a feature that helps to edit the code directly."
"We would like to generate document pages from the sources."
"Reporting could be improved."
"I'm new to GitLab, so I would appreciate more documentation about the code and commands."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while GitLab is ranked 7th in Application Security Tools with 70 reviews. Checkmarx One is rated 7.6, while GitLab is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Fortify WebInspect, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and Tekton. See our Checkmarx One vs. GitLab report.
See our list of best Application Security Tools vendors, best Static Application Security Testing (SAST) vendors, and best DevSecOps vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.