Checkmarx Review

Security testing solution with vulnerability details and planned blackout times.

How has it helped my organization?

  • Put the vulnerability details area on the right side of the application or it may be changeable
  • Save and reset screen configuration

What is most valuable?

Vulnerability details part.

What needs improvement?

  • Vulnerability details: Reduce false positive results and improve it by providing more details on how I can resolve the vulnerability.
  • Implementing a blackout time for any user or teams: Needs improvement. I need to place limits for some users or teams within a specific time frame. For example, between 02:00 and 06:00. They can't start any scanning during that time, even if they have scanner privileges.

What do I think about the stability of the solution?

In the latest version, the session logout doesn't work properly.

What do I think about the scalability of the solution?

We have two engine licenses, but we can't scan two projects at the same time.

How are customer service and technical support?

I would give technical support a rating of 9/10.

Which solution did I use previously and why did I switch?

We were using Fortify. Its software capability was limited in terms of mobile code scanning.

How was the initial setup?

The initial setup was very easy.

What's my experience with pricing, setup cost, and licensing?

We don't have any specific advice about these issues.

Which other solutions did I evaluate?

We evaluated Fortify and AppScan.

What other advice do I have?

I don't like the latest license update. I can't set a limit for the reviewer account.

Disclosure: I am a real user, and this review is based on my own experience and opinions.