The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled. Among other benefits, this reduces the cost to fix the problem(s) as the fix can occur earlier in the SDLC.
Checkmarx Review
It can scan precompiled (source) code, as well as compiled (binary) code.
How has it helped my organization?
What is most valuable?
The ability to identify a vulnerability, the optimal place for remediation and the correct syntax is very valuable. This feature helps ensure that the software fix is comprehensive and effective. The CxSuite is easy to use and because it provides the correct coding syntax to address a vulnerability, it helps improve the secure coding skill set among developers. The product can scan precompiled (source) code, as well as compiled (binary) code, delivering effectiveness and efficiency throughout the SDLC.
What needs improvement?
The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools.
The Checkmarx CxSuite covers a wide range of programming languages including many of the most popular languages used by developers today. As matter of general improvement, expanding coverage to languages (emerging, legacy) and open source frameworks will increase the overall effectiveness of product.
*2017 Update. A number of leading Open Source Frameworks are now supported.
What do I think about the stability of the solution?
The product is stable.
What do I think about the scalability of the solution?
The product scales well.
How are customer service and technical support?
The technical support is high quality. The support team is well versed in how best to configure, implement and operate the product.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
How was the initial setup?
The initial set up is straightforward. The product requires a fairly simple computing environment for operation.
What's my experience with pricing, setup cost, and licensing?
The product licensing offers the flexibility to cover a wide range of environments. The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security.
Which other solutions did I evaluate?
We considered several other commercial-grade application security solutions. The Checkmarx solution offers an ideal combination of code coverage, functionality, usability and TCO.
What other advice do I have?
The Checkmarx CxSuite product works well, delivers efficiency to the SDLC, and most important of all, it effectively improves application security.
It works!
**Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a Checkmarx Certified Partner.
Last updated: Feb 02 2017
More Checkmarx reviews from users...who work at a Computer Software Company
...at Large Enterprises
...who compared it with HCL AppScan
Learn what your peers think about Checkmarx. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
455,301 professionals have used our research since 2012.
Add a Comment
1 Comment
NancyWilsonReal User
The software and application security should be the mandatory thing because most of the applications crash because of virus or harmful attacks. I was also getting the virus issue in my application then https://avastsupportnumber.co.uk/avast-customer-support avast customer service helped me a lot.
Author
Robert V. Jones
Founder at a tech company with 51-200 employees
Real User
Websitewww.presafetech.com
Highlights
Pros
The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled.
Cons
The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools.
Pricing Advice
The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security.
Popular Comparisons
SonarQube
Veracode
Micro Focus Fortify on Demand
Coverity
HCL AppScan
WhiteSource
OWASP Zap
Sonatype Nexus Lifecycle
CAST Application Intelligence Platform
Rapid7 AppSpider
Qualys Web Application Scanning
Semmle QL
Klocwork
Tenable.io Web Application Scanning
Buyer's Guide
Download our free Checkmarx Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More:
- Scan
- Plugin
- Jenkins
- Analysis
- Integration
- Penetration Testing
- Code Analysis
- Server
- Java
- Azure
- Linux
- Bitbucket
- SQL Injection
- Languages
- Hotfix
- API
- Primary Use Case
- Valuable Features
- Room for Improvement
- What is the biggest difference between Veracode and Checkmarx?
- Checkmarx vs SonarQube; SonarQube interoperability with Checkmarx or Veracode
- What is the biggest difference between Checkmarx and SonarQube?
- When evaluating Application Security, what aspect do you think is the most important to look for?
- Which application security solutions include both vulnerability scans and quality checks?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- How was the 2020 Twitter Hack carried out? How could it have been prevented?
- Is SonarQube the best tool for static analysis?
- What are the OWASP top 10 in 2020?
- SAST vs. DAST: Which is better for application security testing?