Checkmarx Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Don Robbins
Real User
Software Configuration Manager at a tech vendor with 501-1,000 employees
Jun 19 2019

What is most valuable?

I'm more of the admin as opposed to a user of Checkmarx. Overall, the ability to find vulnerabilities in the code is… more»

How has it helped my organization?

I haven't been monitoring how well our projects have been at reducing vulnerabilities. Checkmarx is one that you have to… more»

What needs improvement?

One of the biggest heartaches that we have is that all of our Windows servers are on an automated upgrade. Whenever… more»

What's my experience with pricing, setup cost, and licensing?

I've got 100 licenses for Checkmarx. As people come and go, it's a hassle to add and remove them. In this day and age… more»

If you previously used a different solution, which one did you use and why did you switch?

The tool that we were using before was AppScan.

What other advice do I have?

From an administrative standpoint, I would rate Checkmarx with a five out of ten. From what my users are telling me, I'd… more»
Milind Dharmadhikari
Real User
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
May 18 2019

What is most valuable?

There are many features, but first is the fact that it is easy to use, and not complicated. One of the cool features is… more»

How has it helped my organization?

The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is… more»

What needs improvement?

The reports are good, but they still need to be improved considering what the UI offers. For example, the UI will suggest… more»

What's my experience with pricing, setup cost, and licensing?

We have a subscription license that is on a yearly basis, and it's a pretty competitive solution. I don't know of any… more»

If you previously used a different solution, which one did you use and why did you switch?

I do not have recent, hands-on experience with this tool but, I have used it in the past and my team now uses it… more»

What other advice do I have?

My advice to any software development team using a different set of tools is to look at Checkmarx. It's a very good… more»
Find out what your peers are saying about Checkmarx, SonarQube, Micro Focus and others in Application Security. Updated: June 2019.
352,552 professionals have used our research since 2012.
EduardoBeltran
Real User
Director and Co-Founder at Ushiro-tec
Apr 17 2019

What is most valuable?

The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the… more»

How has it helped my organization?

We received two main benefits from Checkmarx: * Better Security * Saving Time I recommend Checkmarx to be sure that your development has robust… more»

What needs improvement?

Checkmarx could probably do something to improve their license model. If you have a small company, or if you have a small team with just one or two… more»

If you previously used a different solution, which one did you use and why did you switch?

We used Veracode for some time and it's also a good solution. Veracode fits better for small companies. It's more automatic. Checkmarx is more… more»

What other advice do I have?

We have a small team. It is about four people in total. We do not require that many staff for the deployment and maintenance of Checkmarx. We are… more»
Reviewer59103
Consultant
Software Engineer at a tech services company with 10,001+ employees
Jan 22 2018

What is most valuable?

The most valuable feature for me is the Jenkins Plugin. We usually take a copy of the normal build job for Checkmarx so… more»

How has it helped my organization?

It is very easy to insert the tool in the SDLC because there are a wide variety of ways to access the source-code… more»

What needs improvement?

I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event… more»

What's my experience with pricing, setup cost, and licensing?

We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning… more»

If you previously used a different solution, which one did you use and why did you switch?

None. I started with this product.

What other advice do I have?

Before implementing the product I would evaluate if it is really necessary to scan so many different languages and… more»
CyberSecAn08987
Real User
Cyber Security Analyst at a tech vendor with 1,001-5,000 employees
May 25 2019

What is most valuable?

There are many good features like site integration, but the most valuable feature for us is the XL scan of source code.

How has it helped my organization?

Our static operation security has been able to identify more security issues since implementing this solution.

What needs improvement?

It would be really helpful if the level of confidence was included, with respect to identified issues. Some competitors have this feature, and it… more»

If you previously used a different solution, which one did you use and why did you switch?

Prior to this solution, we were using IBM Security AppScan. We had many, many issues with the application, along with complaints about the… more»

What other advice do I have?

If people are in need of static application security, then I would recommend this product. I would rate this solution an eight out of ten.
Bus432Anly
Real User
Business Analyst at a tech services company with 201-500 employees
Nov 01 2018

What do you think of Checkmarx?

What is our primary use case?

Our primary use case solution is for code scanning.

How has it helped my organization?

It has made our organization more efficient with our whole code scan/deployment process for our software applications.

What is most valuable?

The most valuable features are: Ease of use Dashboard Interface Report

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I have not had an issue with stability of the product.

What do I think about the scalability of the solution?

There have been no issues with scalability that I am aware of.

How is customer service and technical support?

I have not needed the use of technical support.

Which solutions did we use previously?

Previously, we…
Ankur Sood
Real User
Technical Architect at a tech services company with 1,001-5,000 employees
Feb 27 2018

What do you think of Checkmarx?

What is our primary use case?

I have used it for source code scanning of security vulnerabilities. It seems to be a good tool. It gives the proper code flow of vulnerabilities and the number of occurrences.

How has it helped my organization?

We have scanned various applications with it. It works fine, although we need to check manually for false positive issues. 

What is most valuable?

After scanning, it shows in-depth code of where actual vulnerabilities are, which helps us to analyze them.

What needs improvement?

It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use.

For how long have I used the solution?

One to three years.
James Barwick
Real User
Principal Software Engineer at a comms service provider with 10,001+ employees
Feb 07 2019

What do you think of Checkmarx?

What is our primary use case?

Code scan. We performed periodic static code scans on copies of our Git repository to identify possible vulnerabilities.

How has it helped my organization?

Code consistency. It prompted our developers to fix code or document code they otherwise would not have done.

What is most valuable?

The consistency of code. Showed our team where they are inconsistent or where they have made simple omissions.

What needs improvement?

Dynamic testing. If it had that feature I would have liked to see more consideration of framework validations that we don't have to duplicate. These flags are false positives.

For how long have I used the solution?

One to three years.

Articles

User Assessments By Topic About Checkmarx

Find out what your peers are saying about Checkmarx, SonarQube, Micro Focus and others in Application Security. Updated: June 2019.
352,552 professionals have used our research since 2012.

Checkmarx Questions

Checkmarx Projects By Members

What is Checkmarx?

Checkmarx CxSAST is a highly accurate and flexible Static Code Analysis product that allows organizations to automatically scan un-compiled / un-built code and identify hundreds of security vulnerabilities in all major coding languages. CxSAST is available as a standalone product and can be effectively integrated into the Software Development Lifecycle (SDLC) to streamline detection and remediation. CxSAST can be deployed on-premise in a private data center or hosted via a public cloud.

Whitepaper: I, II

Checkmarx customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech

Case Study: Liveperson Implements Innovative Secure SDLC

BUYER'S GUIDE
Download our free Application Security Report and find out what your peers are saying about Checkmarx, SonarQube, Micro Focus, and more!
Sign Up with Email