We performed a comparison between Checkmarx One and Polyspace Code Prover based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Vulnerability details is valuable."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"Our static operation security has been able to identify more security issues since implementing this solution."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The outputs are very reliable."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"The product detects memory corruptions."
"Polyspace Code Prover is a very user-friendly tool."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"The solution sometimes reports a false auditable code or false positive."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"They could work to improve the user interface. Right now, it really is lacking."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"Checkmarx could improve the speed of the scans."
"Updating and debugging of queries is not very convenient."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"One of the main disadvantages is the time it takes to initiate the first run."
"Automation could be a challenge."
"Using Code Prover on large applications crashes sometimes."
"The tool has some stability issues."
"I'd like the data to be taken from any format."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews. Checkmarx One is rated 7.6, while Polyspace Code Prover is rated 7.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Polyspace Code Prover is most compared with SonarQube, Coverity, Klocwork, CodeSonar and Parasoft SOAtest. See our Checkmarx One vs. Polyspace Code Prover report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.