Checkmarx One Previous Solutions
AS
reviewer2110539
Technical Lead at a computer software company with 10,001+ employees
We did not previously use a different solution.
View full review »We have used and looked at a mix of options, including Veracode and FOSSA.
Right now, I don't really have a competing vendor in my company, so I can't compare. More importantly, I don't have that much experience with others to compare anything accurately.
View full review »I've used Veracode, and there isn't a big difference between both solutions.
View full review »Buyer's Guide
Checkmarx One
April 2024
Learn what your peers think about Checkmarx One. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,857 professionals have used our research since 2012.
GG
Gustavo_Gonzalez
Technical Program Manager at a engineering company with 10,001+ employees
I used to work mostly on checking the source code manually, and estimated the time of completion counting the lines of code to review. With Checkmarx that time was hugely reduced.
I also worked with Veracode, which I use for compiled code, but most of the customer’s applications have uncompiled code, so that is why I use Checkmarx more frequently.
View full review »VY
reviewer1410597
Vice President Of Technology at a computer software company with 5,001-10,000 employees
Prior to using Checkmarx, I used AppScan but the concept is completely different. With Checkmarx, you are working with source code, whereas as with AppScan, you are working with binaries. You can say that AppScan is more like a dynamic security scan and Checkmarx is more static.
These products are quite different in terms of how you do the testing. Checkmarx is better from both a performance perspective and reporting a lower number of false positives.
View full review »JD
reviewer1711191
Cybersecurity at a transportation company with 1,001-5,000 employees
I still use other tools, so I just added it to the tool chest. I have Fortify, CodeSonar, etc and I added Checkmarx as a different tool.
View full review »RB
reviewer1171554
Senior Engineer at a tech vendor with 10,001+ employees
I was previously using Fortify but they were antiquated. They were not updating the solution on a regular basis.
View full review »DR
Don Robbins
Software Configuration Manager at a tech vendor with 501-1,000 employees
The tool that we were using before was AppScan.
View full review »MD
Milind Dharmadhikari
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
I do not have recent, hands-on experience with this tool but, I have used it in the past and my team now uses it extensively. We did not use a tool previous to this one, and we plan to continue using this because we are getting good results.
We use this solution for static application security testing. For dynamic testing, we use the Netsparker solution.
View full review »VT
reviewer1534434
System Engineer at a tech vendor with 10,001+ employees
I'm also using SonarQube.
View full review »I am using Checkmarx in parallel with SonarQube.
View full review »RJ
Robert V. Jones
Founder at a tech company with 51-200 employees
I did not previously use a different solution.
View full review »ŁR
reviewer1477026
Solution Manager at a computer software company with 201-500 employees
We haven't really extensively worked with any other products.
View full review »RO
CyberSecAn08987
Cyber Security Analyst at a tech vendor with 1,001-5,000 employees
Prior to this solution, we were using IBM Security AppScan. We had many, many issues with the application, along with complaints about the deployment time. The main reason we switched is that it was not updated, and it did not support certain technologies. For example, it did not support Visual Studio 2017, so we had to switch to a new solution.
View full review »YD
Yafes Duygulutuna
Sr. Security Engineer at SugarCRM
We were using Fortify. Its software capability was limited in terms of mobile code scanning.
View full review »None. I started with this product.
View full review »AR
Antoine Rime
Cyber Security Consultant at a computer software company with 5,001-10,000 employees
We didn't previously use a different solution. We've only ever used this product.
View full review »We haven't used anything else. This is our first solution.
View full review »Before Checkmarx, we used HPE Security Fortify and IBM AppScan. We also tried several open-source scanning tools.
View full review »DK
Deepak Kamra
Vice President at Arisglobal Software Pvt Ltd
We were using IBM AppScan. Checkmarx is much better than that particular tool. It has more functionality and offers much more support to its users than IBM.
View full review »MM
reviewer971370
CEO at a tech services company with 11-50 employees
We have some experience with HPP AppScan, and with SonarQube. We started with a trial and felt that Checkmarx was the best.
View full review »TD
reviewer1415661
General Manager at a consultancy with 51-200 employees
We have used other products and found that you have to spend considerable time fine-tuning the scanning engine. With Checkmarx, it is a lot less and I would say that this is one of the significant differences with this solution.
The maintenance in terms of running the scans and fine-tuning the scans is very low.
On the other hand, we have used other tools where writing custom rules is not so difficult to do.
View full review »I have not used another before Checkmarx.
View full review »YB
reviewer932058
AVP, aPaaS Engineer at a financial services firm with 10,001+ employees
I have used SonarQube previously.
View full review »EB
EduardoBeltran
Director and Co-Founder at Ushiro-tec
We used Veracode for some time and it's also a good solution. Veracode fits better for small companies. It's more automatic.
Checkmarx is more complete and they have more features to support our development team and security team requirements.
In general, Checkmarx is a better solution, but it's more complicated, especially in terms of the price for a small company.
View full review »Previously, we were using a different solution. We were leveraging multiple tools since we have code in multiple languages. Checkmarx advertised that they provide support for C, C+++, Java, etc. It turned out that they aren’t able to scan C and C++ for us. Our reason to switch to Checkmarx didn’t work out for us.
View full review »We switched solutions due to the client's requirements.
View full review »I am not aware of any previous solutions.
View full review »This is the only solution I have used.
View full review »SD
Bus432Anly
Business Analyst at a tech services company with 201-500 employees
Previously, we considered: Veracode, SonarQube, Fortify and IBM Security AppScan.
View full review »We are using other tools along with this solution.
View full review »I have used Armorize codesecure.
View full review »Straight forward. Easy to follow steps.
I worked for an IT security firm and it was quite easy to setup the product for demo purposes virtually and even physically on the client premises
View full review »KN
reviewer1108275
Security at a tech services company with 51-200 employees
In my previous company, I used SonarQube. In my opinion, Checkmarx gives better results, and its protection is better than SonarQube.
View full review »We have used no other product.
View full review »We didn’t really have a previous solution but Checkmarx was the best match for .NET support and scan without resolving the dependencies.
View full review »Buyer's Guide
Checkmarx One
April 2024
Learn what your peers think about Checkmarx One. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,857 professionals have used our research since 2012.