We performed a comparison between Checkmarx One and Digital.ai Application Security based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The administration in Checkmarx is very good."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"The user interface is modern and nice to use."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"The most valuable feature is the simple user interface."
"I used the tool to prepare for the interview as a Business Developer. It helped me improve my understanding on software security."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"Micro-services need to be included in the next release."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"The solution's user interface could be improved because it seems outdated."
"Meta data is always needed."
"I would like the tool to integrate AI and automation that is dedicated to detecting software vulnerabilities."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Digital.ai Application Security is ranked 36th in Application Security Tools with 1 review. Checkmarx One is rated 7.6, while Digital.ai Application Security is rated 6.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Digital.ai Application Security writes "Helps to improve knowledge on software security ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Digital.ai Application Security is most compared with SonarQube, PortSwigger Burp Suite Professional and Fortify Application Defender.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.