Checkmarx Pros and Cons

Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before.

The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete.

The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time.

The most valuable feature for me is the Jenkins Plugin.

Our static operation security has been able to identify more security issues since implementing this solution.

It is a stable product.

Most valuable features include: ease of use, dashboard. interface and the ability to report.

It shows in-depth code of where actual vulnerabilities are.

It gives the proper code flow of vulnerabilities and the number of occurrences.

Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?

The reports are good, but they still need to be improved considering what the UI offers.

With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.

I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time).

Updating and debugging of queries is not very convenient.

It would be really helpful if the level of confidence was included, with respect to identified issues.

It is an expensive solution.

It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use.