Checkmarx Pros and Cons
Checkmarx Pros
Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before.
View full review »The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete.
View full review »The most valuable features are the easy to understand interface, and it 's very user-friendly.
View full review »Learn what your peers think about Checkmarx. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
455,536 professionals have used our research since 2012.
The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database.
View full review »From my point of view, it is the best product on the market.
View full review »The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time.
View full review »The user interface is excellent. It's very user friendly.
View full review »The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking.
View full review »User friendly and easily configurable.
View full review »The UI is very intuitive and simple to use.
View full review »Checkmarx Cons
Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?
View full review »The reports are good, but they still need to be improved considering what the UI offers.
View full review »We have received some feedback from our customers who are receiving a large number of false positives.
View full review »Learn what your peers think about Checkmarx. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
455,536 professionals have used our research since 2012.
In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now.
View full review »Micro-services need to be included in the next release.
View full review »With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.
View full review »The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated.
View full review »We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code.
The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything.
View full review »We have some issues with false positives.
View full review »Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve.
View full review »Learn what your peers think about Checkmarx. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
455,536 professionals have used our research since 2012.