We performed a comparison between Checkmarx One and GitHub based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature for me is the Jenkins Plugin."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"The SAST component was absolutely 100% stable."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The user interface is modern and nice to use."
"The most valuable feature is the application tracking reporting."
"The value you can get out of the speedy production may be worth the price tag."
"The initial setup was easy."
"This solution is just easy to use."
"The control is the most valuable feature as developers can work on a single code."
"I'm able to access any repository that I like, whether it's public or private."
"Even if I'm not in the office, I can access and work on my code from anywhere with my account credentials."
"The version control functionality for this solution has been most valuable, especially when managing projects with multiple versions."
"The best feature is the ability to track the history of all code changes, and it's easy to use. Additionally, as it's open source, anyone can use that feature resulting in distributed development. This opens the door to collaboration with different code and developer, feature, and master branches of development."
"Has great integration with third-party tools."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"The cost per user is high and should be reduced."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"The validation process needs to be sped up."
"I would like to see the rate of false positives reduced."
"Checkmarx is not good because it has too many false positive issues."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"The solution can improve by adding video guides, official guides, or short courses that cater to beginners who are new to the system. These resources could offer step-by-step guidance on how to use GitHub, including common procedures such as pulling and committing. Currently, many of us have to resort to searching for information on how to do these tasks via Google. An official guide provided by GitHub itself would be a valuable asset to newcomers and would save them time and effort."
"If something has to be moved into approvals, and if they don't approve it in a few hours, then they should move the approval request to some other user, or they should have a way to escalate it."
"I would like a more graphical, user-friendly UI, to avoid writing so much code on cmd."
"They're improving the work items to track the progress of the team, but in my experience, Azure DevOps is better in this functionality. GitHub needs to improve the form to track the progress of the work done by a team."
"This solution could be improved by offering crowd sourced support where we could ask questions to other users."
"There is a bit of a learning curve."
"The GUI design is poor, so I exclusively use the CLI, which is much easier to use and understand. It would be great to see the GUI updated to be more user-friendly."
"GitHub could expand the limits of the free version."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while GitHub is ranked 10th in Application Security Tools with 64 reviews. Checkmarx One is rated 7.6, while GitHub is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Kiuwan, whereas GitHub is most compared with Snyk, AWS CodeCommit, Atlassian SourceTree, Bitbucket and IBM Rational ClearCase. See our Checkmarx One vs. GitHub report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.