We performed a comparison between Checkmarx One and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Most valuable features include: ease of use, dashboard. interface and the ability to report."
"The user interface is modern and nice to use."
"The SAST component was absolutely 100% stable."
"One of the most valuable features is it is flexible."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"We use the solution to validate the source code and do SAST and security analysis."
"The most valuable feature is the simple user interface."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"The solution's most valuable feature is that it is compatible with GitHub. The product's integration capabilities are sufficient for our small company of 35 people."
"We're only using the basic features of GitLab and haven't used any advanced features. The solution works fine, so that's what we like about GitLab. We're party using GitHub and GitLab. We have a GitHub server, while we use GitLab locally or only within our team, and it works okay. We don't have any significant problems with the solution. We also found the straightforward setup, stability, and scalability of GitLab valuable."
"GitLab is kind of an image of GitHub, so it gives us the flexibility to monitor our changes in the repos."
"Git hosting has an integration with ACD which is why we liked this solution in the first place."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"I like GitLab from the CI/CD perspective. It is much easier to set up CI/CD and then integrate with other tools."
"Of all available products, it was the easiest to use and easy to install."
"GitLab's best feature is Actions."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"Checkmarx is not good because it has too many false positive issues."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"It is an expensive solution."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"I would like to see security increased in the future. A secure environment is very important."
"I would like configuration of a YML file to be done via UI rather than a code file."
"We do face issues in our company when we run out of disk space."
"We'd always like to see better pricing on the product."
"It would be better if there weren't any outages. There are occasions where we usually see a lot of outages using GitLab. It happens at least once a week or something like that. Whatever pipelines you're running, to check the logs, you need to have a different set of tools like Argus or something like that. If you have pipelines running on GitLab, you need a separate service deployed to view the logs, which is kind of a pain. If the logs can be used conveniently on GitLab, that would be definitely helpful. I'm not talking about the CI/CD pipelines but the back-end services and microservices deployed over GitLab. To view the logs for those microservices, you need to have separate log viewers, which is kind of a pain."
"I would like to see better integration with project management tools such as Jira."
"It is a little complex to set up the pipelines within the solution."
"We would like to generate document pages from the sources."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while GitLab is ranked 7th in Application Security Tools with 70 reviews. Checkmarx One is rated 7.6, while GitLab is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and GitHub, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton. See our Checkmarx One vs. GitLab report.
See our list of best Application Security Tools vendors, best Application Security Testing (AST) vendors, and best DevSecOps vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
