Checkmarx Competitors and Alternatives

The top Checkmarx competitors are
  • SonarQube
  • Fortify on Demand
  • Veracode
  • IBM Security AppScan
  • Coverity
  • Kiuwan
  • OWASP Zap
  • WhiteSource
Read reviews of Checkmarx competitors and alternatives
Veracode Logo
CA Technologies
Informat2327
Real User
Information Security Lead Analyst at a Consumer Goods with 10,001+ employees
Mar 26 2018

What is most valuable?

Catching coding flaws before they go live. Regarding integrating Veracode into our software development lifecycle, we... more»

How has it helped my organization?

It has caught lots of flaws that could have been exploited, like SQL injection flaws. It has also improved developer... more»

What needs improvement?

It's a pretty dynamic product. It's changing all the time and improving.

What's my experience with pricing, setup cost, and licensing?

I'm not the pricing guy. Licensing is pretty flexible. It's a little bit weird, it's by the size of the binary, which... more»

Which other solutions did I evaluate?

Veracode is the first professional solution I've used. It was in place when I got to the company.

What other advice do I have?

I recommend it all the time. It's an important aspect of a complete security program. Not necessarily this product, but... more»
SonarQube Logo
SonarQube
Technicae22f
Real User
Technical Architect and Software Engineer at a tech services company
Sep 12 2017

What is most valuable?

SonarQube is not valuable because of the information it gives it. We can gather that same information from several other tools as well. It is the way the information is presented... more»

How has it helped my organization?

Individual developers are more concerned about the quality of their work when they see their results in the big picture.

What's my experience with pricing, setup cost, and licensing?

Price is high and only worth it if your organization has hundreds of developers.

Which other solutions did I evaluate?

We used the same tests, but with every developer running them individually. Now management can also get a picture of the quality assurance.
Klocwork Logo
Rogue Wave
Chidanand Dhanawade
Real User
Senior Software Engineer at a manufacturing company
Jul 14 2017

What is most valuable?

It is one of the best tools available for static analysis.

How has it helped my organization?

This tool was already rolled out in our projects at Delphi Technical Center in Bangalore, India. Though we had a QAC... more»

What needs improvement?

There are some false warnings found which eventually are not considered for a fix after the team reviewed the source code.

What's my experience with pricing, setup cost, and licensing?

I have no idea about pricing.

Which other solutions did I evaluate?

We were using QAC and Klocwork at my previous company. At my current organization, we use Polyspace.

What other advice do I have?

I recommend this tool as one of the best to be used for static analysis and should at least be tried.

Sign Up with Email