Checkmarx Primary Use Case

Don Robbins
Software Configuration Manager at a tech vendor with 501-1,000 employees
The primary use that we have for Checkmarx is the evaluation of source code vulnerabilities. We use Git to connect to Checkmarx. We don't use GitHub. We use our own self-hosted Git. We're just using generic Git. One of the biggest thorns in our side is managing that aspect of it. It wouldn't matter if it was GitHub or Bitbucket or any of the other tools that you can use to connect Git to Checkmarx. The issue is the same. The tool is good at telling us what repository we're connected to, but it is horrible in telling us what branch we're connected to. View full review »
Milind Dharmadhikari
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
My team uses this product extensively for application vulnerability assessment. This solution is for static application security testing and is used within our software development process. As the software developers are creating solutions, they are able to identify vulnerabilities while the application is being written, rather than after the entire development is over. We were interested in having the raw source code scanned, so that was the primary requirement and that is where Checkmarx comes in. We do not need any precompiled libraries, or compiled source code, to be checked by the source code analysis solution. We have a security team that uses this product to scan source code, rather than have the developers handle it. We do not have any developer licenses (i.e. the SDLC Edition). Instead, the security team identifies the vulnerabilities and shares the report with the development team. View full review »
EduardoBeltran
Director and Co-Founder at Ushiro-tec
We use Checkmarx to review the source code for the external applications that we expose to the cloud or other servers on the internet. View full review »
Find out what your peers are saying about Checkmarx, SonarQube, Micro Focus and others in Application Security. Updated: November 2019.
384,324 professionals have used our research since 2012.
CyberSecAn08987
Cyber Security Analyst at a tech vendor with 1,001-5,000 employees
Our primary use case for this solution is SAST, Static Application Security Testing. View full review »
Bus432Anly
Business Analyst at a tech services company with 201-500 employees
Our primary use case solution is for code scanning. View full review »
Ankur Sood
Technical Architect at a tech services company with 1,001-5,000 employees
I have used it for source code scanning of security vulnerabilities. It seems to be a good tool. It gives the proper code flow of vulnerabilities and the number of occurrences. View full review »
James Barwick
Principal Software Engineer at a comms service provider with 10,001+ employees
Code scan. We performed periodic static code scans on copies of our Git repository to identify possible vulnerabilities. View full review »
Find out what your peers are saying about Checkmarx, SonarQube, Micro Focus and others in Application Security. Updated: November 2019.
384,324 professionals have used our research since 2012.
Sign Up with Email