We performed a comparison between Checkmarx One and Seeker based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."The most valuable feature for me is the Jenkins Plugin."
"One of the most valuable features is it is flexible."
"It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"The user interface is excellent. It's very user friendly."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
"Checkmarx needs to be more scalable for large enterprise companies."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"The solution sometimes reports a false auditable code or false positive."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"The cost per user is high and should be reduced."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"The pricing can get a bit expensive, depending on the company's size."
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Seeker is ranked 24th in Static Application Security Testing (SAST) with 1 review. Checkmarx One is rated 7.6, while Seeker is rated 7.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Seeker writes "More effective than dynamic scanners, but is missing useful learning capabilities". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Seeker is most compared with Synopsys API Security Testing, Coverity, Contrast Security Assess, Polaris Software Integrity Platform and PortSwigger Burp Suite Professional.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.