Checkmarx Review

We can create custom rules for code checks. You have to do a lot of customization.

How has it helped my organization?

During the trial period, we tried to build automated security development lifecycles with this product and with other products. We have achieved partial success with this.

What is most valuable?

The solution allows us to create custom rules for code checks. Without custom rules, the system couldn’t find anything serious in the custom code and libraries.

What needs improvement?

The main issue was the supported Windows OS for the installation. Windows is not appropriate for a big internet company’s infrastructure. Supporting a Windows machine, especially for this software, is inconvenient.

This product requires you to create your own rulesets. You have to do a lot of customization. The default rules do not work very well. In addition, it is impossible to analyze code with dynamic dependencies.

What do I think about the stability of the solution?

There were no problems with stability. The application was stable in our test cases.

What do I think about the scalability of the solution?

There were no scalability issues, but keep in mind that our version can only scale on one server.

How are customer service and technical support?

There is very good technical support. We have the support of two onsite engineers.

Which solution did I use previously and why did I switch?

We are using other tools along with this solution.

How was the initial setup?

The setup was simple. It mostly involved clicking the “Next” button in the Windows installer.

What's my experience with pricing, setup cost, and licensing?

The pricing was not very good. This is just a framework which shouldn’t cost so much.

The product comes with very strange licensing options. They don’t let you exclude workplace licenses, which are useless for building automated systems.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Checkmarx reviews from users
...who work at a Computer Software Company
...who compared it with HCL AppScan
Add a Comment