Checkmarx Reviews

Don Robbins
Real User
Software Configuration Manager at a tech vendor with 501-1,000 employees
Jun 19 2019

What is most valuable?

I'm more of the admin as opposed to a user of Checkmarx. Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before.

How has it helped my organization?

I haven't been monitoring how well our projects have been at reducing vulnerabilities. Checkmarx is one that you have to actively follow, and my position doesn't require… more»

What needs improvement?

One of the biggest heartaches that we have is that all of our Windows servers are on an automated upgrade. Whenever Windows upgrades, we lose the order of the ciphers and… more»

What's my experience with pricing, setup cost, and licensing?

I've got 100 licenses for Checkmarx. As people come and go, it's a hassle to add and remove them. In this day and age, it's such a meaningless time-waster.

Which solution did I use previously and why did I switch?

The tool that we were using before was AppScan.

What other advice do I have?

From an administrative standpoint, I would rate Checkmarx with a five out of ten. From what my users are telling me, I'd give it an eight for the tool's ability to report… more»

Which other solutions did I evaluate?

We were previously working with Azure. We switched because of their implementation of SQL Server. Checkmarx uses statements to move from database to database. Azure does… more»
Milind Dharmadhikari
Real User
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
May 18 2019

What is most valuable?

There are many features, but first is the fact that it is easy to use, and not complicated. One of the cool features is that it identifies the development technology that… more»

How has it helped my organization?

The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete. As an example, an application may contain… more»

What needs improvement?

The reports are good, but they still need to be improved considering what the UI offers. For example, the UI will suggest the "best-fix location", whereas this information… more»

What's my experience with pricing, setup cost, and licensing?

We have a subscription license that is on a yearly basis, and it's a pretty competitive solution. I don't know of any additional costs, beyond the standard licensing fees… more»

Which solution did I use previously and why did I switch?

I do not have recent, hands-on experience with this tool but, I have used it in the past and my team now uses it extensively. We did not use a tool previous to this one… more»

What other advice do I have?

My advice to any software development team using a different set of tools is to look at Checkmarx. It's a very good product. It's a great product, in fact. Any… more»

Which other solutions did I evaluate?

We evaluated the Fortify Static Code Analyzer and IBM Security AppScan, but our evaluation was not fully completed. We were happy with what we were seeing with Checkmarx… more»

Checkmarx Questions

Malla Reddy Bakka
User at a tech services company with 10,001+ employees
Feb 04 2020
I currently work for a global product engineering and lifecycle services partner.  We are currently evaluating Checkmarx and SonarQube for our PoC. What are the biggest differences between the two? Which would you recommend? Thanks! I appreciate the help.
Elina PetrovnaSonarQube historically was focused on Code Quality and Best Practices. Recently… more»
ManojKumar9The major difference I have seen between Checkmarx and SonarQube is… more»
JaeLee
User
Feb 04 2020
We are currently evaluating application security solutions. What is the biggest difference between Veracode and Checkmarx? Which would you recommend?  Thanks! I appreciate the help. 
Russell RothsteinJaeLee, check out our comparison page here of Veracode vs Checkmarx… more»
Vincent HuCheckmarx can be deploy on private , Veracode only support the Saas Model . But… more»
Volker KoenigsbuescherVeracode is very new in DAST and IAST, Checkmarx is offering that since longer… more»
Shiva
User at a cloud provider with 201-500 employees
Dec 17 2019
I work for a midsized software startup and I am currently evaluating Checkmarx and Fortify.  What are the biggest differences between the two? Which would you recommend? Thanks! I appreciate the help. 
Sekhar NagasundaramFewer false positives with CX than Fortify. More integrated.
reviewer557727Checkmarx SAST is a product supporting 20+ languages, including the modern ones… more»
Akshay PrasadThe major difference is that Checkmarx scans the code without compiling the… more»