Checkmarx Review

Good value with a very good CodeBashing platform and AppSec Awareness

What is our primary use case?

We're more evaluating the solution rather than using it right now. We're resellers and it's something we'd like to offer to our clients.

What is most valuable?

I am aware of Checkmarx's portfolio, however, we've been playing exclusively with the SAST and with the AppSec Awareness platform, they're Codebashing platform. It's been a very positive experience overall.

The value you can get out of the speedy production may be worth the price tag.

What needs improvement?

The reporting could be better on the product. The need to be much more customizable including being customizable for various roles.

The pricing can get a bit expensive, depending on the company's size.

For how long have I used the solution?

We've been working with this solution for some time. I have personally been working with the product for the last three or four months.

Which solution did I use previously and why did I switch?

We haven't really extensively worked with any other products.

What's my experience with pricing, setup cost, and licensing?

The cost might seem steep, however, it really depends on, first the size and requirements of your company. There are companies for which the speed of developing new features and developing them securely, is more valuable than for other organizations. 

This goes not only for Checkmarx. It goes for any automated desktop security platform in general. I definitely see the cases when the Checkmarx license is a reasonable expense. It just may not be for everyone.

Which other solutions did I evaluate?

We've been looking at SonarQube. We're looking into other options as we don't want exclusively to just offer Checkmarx to potential clients.

We looking for solutions more on the enterprise spectrum. Therefore, I would probably consider products such as Vericode. I would also consider the newer players, such as, for example, GitLab

What other advice do I have?

We're resellers, however, we don't have an exclusive relationship with this company. We're looking at other products we can use and offer to our clients as well.

In our company, we do not have the Checkmarx solution running on production. We do have it, however, we only have a learning license, which is non-commercial.

On a scale from one to ten, I would rate this product at an eight. Overall, it's been a positive experience so far.

**Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
More Checkmarx reviews from users
...who work at a Computer Software Company
...who compared it with SonarQube
Learn what your peers think about Checkmarx. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
524,194 professionals have used our research since 2012.
Add a Comment
ITCS user