The solution mainly aims to identify false positives or flag any medium to high-risk outcomes, meaning it is mainly for source codes.
External reviews
13 reviews
from
and
External reviews are not included in the AWS star rating for the product.
An easy-to-use tool to identify false positives or flag any medium to high-risk outcomes
What is our primary use case?
What is most valuable?
The most valuable features of the solution stem from the fact that its gamification UI is quite user-friendly to use, and it is also quite intuitive since it provides users with proper explanations while allowing one to opt for the obash option. Mapping is also quite accurate, which helps identify why the tool has flagged certain code or lines of code, making it helpful for users because sometimes you might be unable to detect the flaws on your own.
What needs improvement?
The tool can be a little more intuitive for the end users. It isn't a very friendly tool for beginners. In our company, we have to take training courses to learn how to use the platform. Introducing automation and making the tool a little more intuitive for businesses might be helpful.
In our company, we need to take care of the tool's regular updates since, often, the solution may be down. My company has a business administration unit team that is responsible for the updation of tools we use, and their processes can take a day or two to be completed, because of which we may lose out on some time when we may have required the tool to do a complete scan. It would be helpful if the update process can be made faster.
If I make use of the integration capabilities of Codebashing, then the plug-ins won't work as smoothly as it does in the application itself. Maybe the solution's plug-ins can be improved.
For how long have I used the solution?
I have been using Codebashing for three years.
What do I think about the stability of the solution?
If I use Codebashing as a standalone tool, then I don't face any stability issues, but issues arise when I try to use its integration capabilities. If you want to integrate Codebashing with Jenkins or run automated scans, I face some issues with its integration part.
What do I think about the scalability of the solution?
I think that the solution has a few plug-ins on different cloud platforms, making it a scalable product.
Between 50 to 100 people in my organization use the solution.
How are customer service and support?
The solution's technical support is good. My company has been able to resolve issues related to the tool with the help of Codebashing's technical support team. I rate the technical support a seven or eight out of ten.
Which solution did I use previously and why did I switch?
I have experience with AppScan and RiskSense. I was using AppScan to support DAST and RiskSense for getting results from SAST and DAST to generate reports. I was using different solutions for different reasons, but I think they provide different benefits to users. My company chose CheckMarx over AppScan since the former offers better source code scanning capabilities.
How was the initial setup?
The installation phase of the tool is simple.
The tool's installation phase took around 45 minutes.
The tool's installation phase was carried out by a team of 17 people in my company who use Checkmarx.
The solution is deployed on the cloud.
What's my experience with pricing, setup cost, and licensing?
As a developer, though I am unaware of the cost of the solution, the product is expensive since I faced some trouble upgrading to Python for Codebashing.
What other advice do I have?
The solution is easy to maintain.
I think Codebashing is a great tool to start with if you are just learning about application security. Codebashing has some good tutorials and a nice learning platform to learn about coding. Codebashing also has a more nice gamification UI, which is a good tool. Generally, I think it's quite a good tool for developers to get started and pick up skills.
I rate the overall solution an eight and a half to nine out of ten.
Pioneer in Application Security Training
What do you like best about the product?
Gyan Chawdhary created the first AppSec Training for developers. At the time it was the only tool and very useful
What do you dislike about the product?
Tool is getting old. Colors used for developers are not clear. Exercises take too much time.
What problems is the product solving and how is that benefiting you?
It helps me spot the main weaknesses in the code writing and is a daily training that help me be more productive.
Awesome!
What do you like best about the product?
This is a very cool and friendly training and learning platform for all fresher and experienced where we can enhance our knowledge and can get whatever we need to know.
What do you dislike about the product?
There is nothing to dislike in this application. I would dislike here that the only think is to compare this application with others in learning.
What problems is the product solving and how is that benefiting you?
This application resolved the gamified training and on-the-spot remediation support, so security managers can cultivate
a culture that empowers developers to think and act securely in their day-to-day work.
a culture that empowers developers to think and act securely in their day-to-day work.
Securing your codes made easy
What do you like best about the product?
1. Great Interactive Ui and easy to use: There are variety of sections in the console itself and each one is easy to find.
2. Awesome excerices for Wide variety of programming languages and how to make them secure.
3. Challenges which makes the learning more interesting.
4. Creating and joining teams.
2. Awesome excerices for Wide variety of programming languages and how to make them secure.
3. Challenges which makes the learning more interesting.
4. Creating and joining teams.
What do you dislike about the product?
Till now Codebashing has always fulfill my expectations so there is nothing to dislike this product right now.
What problems is the product solving and how is that benefiting you?
One of the major problem companies are facing is the vulnerbalities in the written codes. Coders and developers are not that much aware of the ongoing web apps vulnerabilities which as a result become a upper hand for any attacker/hacker as they are finding new vulnerablities day by day.
I appreciate Checkmarx for this amazing product which will help not only the developers to learn more about the security loopholes in their code but also help the organization as a whole.
I appreciate Checkmarx for this amazing product which will help not only the developers to learn more about the security loopholes in their code but also help the organization as a whole.
showing 11 - 14