We performed a comparison between Checkmarx One and Trustwave App Scanner [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The setup is fairly easy. We didn't struggle with the process at all."
"The most valuable feature for me is the Jenkins Plugin."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"Vulnerability details is valuable."
"We use the solution for dynamic application testing."
"The most valuable feature is the simple user interface."
"The most valuable feature is the application tracking reporting."
"The stability is great. We haven't had any issues at all with it."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"Meta data is always needed."
"We have received some feedback from our customers who are receiving a large number of false positives."
"It is an expensive solution."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"I would like to see a little more flexibility with regards to setting up profiles for vulnerabilities."
Earn 20 points
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Trustwave App Scanner [EOL] doesn't meet the minimum requirements to be ranked in Application Security Tools. Checkmarx One is rated 7.6, while Trustwave App Scanner [EOL] is rated 7.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Trustwave App Scanner [EOL] writes "It helps us troubleshoot failed scans and incomplete statuses". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Trustwave App Scanner [EOL] is most compared with .
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.