Checkmarx Pros and Cons

Checkmarx Pros

Milind Dharmadhikari
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete.
EduardoBeltran
Director and Co-Founder at Ushiro-tec
The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time.
Reviewer59103
Software Engineer at a tech services company with 10,001+ employees
The most valuable feature for me is the Jenkins Plugin.
JohanSoula
Head of the Application Security Division at a financial services firm with 5,001-10,000 employees
Both automatic and manual code review (CxQL) are valuable.
Yafes Duygulutuna
Sr. Security Engineer at SugarCRM
Vulnerability details are valuable.
Bus432Anly
Business Analyst at a tech services company with 201-500 employees
It is a stable product.
Most valuable features include: ease of use, dashboard, interface and the ability to report.
Ankur Sood
Technical Architect at a tech services company with 1,001-5,000 employees
It shows in-depth code of where actual vulnerabilities are.
It gives the proper code flow of vulnerabilities and the number of occurrences.

Checkmarx Cons

Milind Dharmadhikari
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
The reports are good, but they still need to be improved considering what the UI offers.
EduardoBeltran
Director and Co-Founder at Ushiro-tec
With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.
Reviewer59103
Software Engineer at a tech services company with 10,001+ employees
I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time).
Updating and debugging of queries is not very convenient.
JohanSoula
Head of the Application Security Division at a financial services firm with 5,001-10,000 employees
Integration into the SDLC (i.e. support for the last version of SonarQube) could be added.
Yafes Duygulutuna
Sr. Security Engineer at SugarCRM
Implementing a blackout time for any user or teams: Needs improvement.
Bus432Anly
Business Analyst at a tech services company with 201-500 employees
It is an expensive solution.
Ankur Sood
Technical Architect at a tech services company with 1,001-5,000 employees
It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use.