Checkmarx Reviews

Don Robbins
Real User
Software Configuration Manager at a tech vendor with 501-1,000 employees
Jun 19 2019

What is most valuable?

I'm more of the admin as opposed to a user of Checkmarx. Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before.

How has it helped my organization?

I haven't been monitoring how well our projects have been at reducing vulnerabilities. Checkmarx is one that you have to actively follow, and my position doesn't require… more»

What needs improvement?

One of the biggest heartaches that we have is that all of our Windows servers are on an automated upgrade. Whenever Windows upgrades, we lose the order of the ciphers and… more»

What's my experience with pricing, setup cost, and licensing?

I've got 100 licenses for Checkmarx. As people come and go, it's a hassle to add and remove them. In this day and age, it's such a meaningless time-waster.

If you previously used a different solution, which one did you use and why did you switch?

The tool that we were using before was AppScan.

What other advice do I have?

From an administrative standpoint, I would rate Checkmarx with a five out of ten. From what my users are telling me, I'd give it an eight for the tool's ability to report… more»

Which other solutions did I evaluate?

We were previously working with Azure. We switched because of their implementation of SQL Server. Checkmarx uses statements to move from database to database. Azure does… more»
Milind Dharmadhikari
Real User
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
May 18 2019

What is most valuable?

There are many features, but first is the fact that it is easy to use, and not complicated. One of the cool features is that it identifies the development technology that… more»

How has it helped my organization?

The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete. As an example, an application may contain… more»

What needs improvement?

The reports are good, but they still need to be improved considering what the UI offers. For example, the UI will suggest the "best-fix location", whereas this information… more»

What's my experience with pricing, setup cost, and licensing?

We have a subscription license that is on a yearly basis, and it's a pretty competitive solution. I don't know of any additional costs, beyond the standard licensing fees… more»

If you previously used a different solution, which one did you use and why did you switch?

I do not have recent, hands-on experience with this tool but, I have used it in the past and my team now uses it extensively. We did not use a tool previous to this one… more»

What other advice do I have?

My advice to any software development team using a different set of tools is to look at Checkmarx. It's a very good product. It's a great product, in fact. Any… more»

Which other solutions did I evaluate?

We evaluated the Fortify Static Code Analyzer and IBM Security AppScan, but our evaluation was not fully completed. We were happy with what we were seeing with Checkmarx… more»
Sign Up with Email