Checkmarx Review

The Best Fix Location & Payments Features Can Save Time Mitigating Network Configurations

What is our primary use case?

We use Checkmarx to review the source code for the external applications that we expose to the cloud or other servers on the internet.

How has it helped my organization?

We received two main benefits from Checkmarx:

  1. Better Security
  2. Saving Time

I recommend Checkmarx to be sure that your development has robust security. For your team management, Checkmarx has a very nice feature to check out manual staff in the process.

What is most valuable?

The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time.

What needs improvement?

Checkmarx could probably do something to improve their license model. If you have a small company, or if you have a small team with just one or two applications, the entry-level price is too high for such a company. 

You can find all the solutions offered by Checkmarx through other solutions providers. That is why this type of company needs to be more flexible. 

In this space, you have a security code and also you have a quality code. It is totally different in terms of investment. In terms of functionality, there are a lot of differences between the various competing products. 

With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.

The problem with Checkmarx lies with the pricing and licensing, not the product itself. The product is very good.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Checkmarx is a good product, certainly stable.

What do I think about the scalability of the solution?

The scalability is good. We haven't had any problems with it.

How are customer service and technical support?

Our experience with technical support is good. They have a lot of expert staff on their customer service lines. We have had no problems with their technical support services.

Which solution did I use previously and why did I switch?

We used Veracode for some time and it's also a good solution. Veracode fits better for small companies. It's more automatic.

Checkmarx is more complete and they have more features to support our development team and security team requirements.

In general, Checkmarx is a better solution, but it's more complicated, especially in terms of the price for a small company.

How was the initial setup?

Our deployment of Checkmarx took a couple of days, at max, a week. 

What about the implementation team?

The setup was a long time back, but I know that we did not use a reseller or consultant for the deployment.

Which other solutions did I evaluate?

We evaluated some products from a company in Spain. Checkmarx provided better functionality and options for us.

What other advice do I have?

We have a small team. It is about four people in total. We do not require that many staff for the deployment and maintenance of Checkmarx.

We are testing the solution in a small local company. Our idea is to expand the use of it to our clients in the West.

In this space, you can have different points of view and if only you are looking for a solution to do a check in your auditory report, then you can choose anyone. 

If you really are worried about your business, i.e. about your development sites or development environments, Checkmarx is a great solution.

I would rate Checkmarx a nine out of ten because of the price, but technically for me, it is a 10. 

I would rate Checkmarx with a nine because it would be perfect at a more functional level, and could be better at providing these features for parity. 

If you research what Checkmarx is offering in their package distribution, you get exactly what they promise up front, so they are not lying.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Checkmarx reviews from users
...who work at a Financial Services Firm
...who compared it with HCL AppScan
Add a Comment