We performed a comparison between CAST Highlight and Checkmarx based on real PeerSpot user reviews.
Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It offers good performance."
"The most valuable features of the CAST Highlight are the interface and there are three notations that are very simple to understand and communicate with."
"The most valuable features of CAST Highlight are automation and speed."
"CAST Highlight is easy to use and has a good dashboard."
"The way it tells you which codebase is more ready for the cloud and which codebase is less ready is very valuable. It works seamlessly with most languages."
"One of the most valuable features is it is flexible."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"We use the solution to validate the source code and do SAST and security analysis."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The solution communicates where to fix the issue for the purpose of less iterations."
"Less false positive errors as compared to any other solution."
"The user interface is modern and nice to use."
"The reports that describe the issues of concern are rather abstract and the issues should be more clearly described to the user."
"Its price should be better. It is a pretty costly tool. They have two products: CAST Highlight and CAST AIP. I would expect CAST Highlight to have the Help dashboard and the Engineering dashboard. These dashboards are currently a part of CAST AIP, and if these are made available in CAST Highlight, customers won't have to use two different products all the time."
"The ease of configuration and customization could be improved in CAST Highlight."
"CAST Highlight could improve to allow us to comment and do a deep analysis by ourselves."
"There's a bit of a learning curve at the outset."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"The integration could improve by including, for example, DevSecOps."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"The solution's user interface could be improved because it seems outdated."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"Micro-services need to be included in the next release."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
CAST Highlight is ranked 10th in Software Composition Analysis (SCA) with 5 reviews while Checkmarx is ranked 3rd in Application Security Tools with 67 reviews. CAST Highlight is rated 7.8, while Checkmarx is rated 7.6. The top reviewer of CAST Highlight writes "Easy to set up with optimized and automated insights". On the other hand, the top reviewer of Checkmarx writes "The report function is a great, configurable asset but sometimes yields false positives". CAST Highlight is most compared with SonarQube, Snyk, Veracode, Black Duck and Sonatype Lifecycle, whereas Checkmarx is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity. See our CAST Highlight vs. Checkmarx report.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.