We performed a comparison between Checkmarx One and Synopsys Code Dx based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The setup is fairly easy. We didn't struggle with the process at all."
"Most valuable features include: ease of use, dashboard. interface and the ability to report."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The report function is the solution's greatest asset."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"Updating and debugging of queries is not very convenient."
"Checkmarx could improve by reducing the price."
"It is an expensive solution."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Synopsys Code Dx is ranked 31st in Application Security Testing (AST) with 1 review. Checkmarx One is rated 7.6, while Synopsys Code Dx is rated 0.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Synopsys Code Dx writes "Facilitates continuous assessment of applications, covering both static and dynamic security aspects". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Synopsys Code Dx is most compared with Veracode, Coverity and SonarQube.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.