We use the solution for dynamic application testing.
Checkmarx One
CheckmarxExternal reviews
54 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Best in class SAST solution in the market
What do you like best about the product?
I like the SAST-ification thing in overall, it is having all offering varies from source code scans to sca, to license scanning and does a great job finding vulnerabilities. It is easy to use and visually easy to look around for the bugs. Similarly very optimized so that we can integrate with the CI/CD pipelines
What do you dislike about the product?
The cost acquiring in all of the modules is pretty high.
What problems is the product solving and how is that benefiting you?
Solving major bugs right from the code by applying shift left approach in an easier way.
A stable solution that helps with dynamic application testing
What is our primary use case?
What needs improvement?
I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side.
For how long have I used the solution?
I have been working with the product for seven months.
What do I think about the stability of the solution?
I would rate the product's stability a ten out of ten.
What do I think about the scalability of the solution?
I would rate the product's scalability a ten out of ten. My company has 15 users for the produc.
How are customer service and support?
The solution's technical support is good.
How would you rate customer service and support?
Positive
How was the initial setup?
The tool's setup is very straightforward and I would rate it a ten out of ten. The product's deployment took one to two months to complete. We required the technical and development team which consisted of four to five people to handle the deployment.
What's my experience with pricing, setup cost, and licensing?
The solution's price is high and you pay based on the number of users.
What other advice do I have?
I would rate the product a ten out of ten. The solution is the best tool for developers and organizations.
Best tool for Source code scanning
What do you like best about the product?
The most valuable features are the easy to understand interface, and it 's very user-friendly. Reduce the code using cxsast plugin. It will scan code line by line and find most of vulnerabilities. Very easy to use. Vulnerability report is awesome.
What do you dislike about the product?
UI should update. Reduce the false positive. Please upgrade rules set to avoid the false positive.
What problems is the product solving and how is that benefiting you?
It will find the vulnerabilities like SQL injection, cross site scripting, command injection, Xxe etc vulnerabilities. Scan speed is very good. We can review the issue easily.
The lightest and most complete static analysis tool with best place to fix
What do you like best about the product?
ease of deployment. Number of supported languages and best place to fix function.
What do you dislike about the product?
Too much detail in the report for small security shops.
What problems is the product solving and how is that benefiting you?
Fixed code flaws before deployment. Dramatically decreased rework and refactoring.
Recommendations to others considering the product:
Filter the final report by severity and concentrate on the most important issues first.
nice
What do you like best about the product?
providing the scan report in multiple formats
What do you dislike about the product?
integrating with build tools is not fun
What problems is the product solving and how is that benefiting you?
scanning the vulnerabilities in source code
Best software purchase we ever made.
What do you like best about the product?
Really easy to use and the level of detail you can access is amazing.
What do you dislike about the product?
The Cost, it is not cheap, but not good rarely is.
What problems is the product solving and how is that benefiting you?
Static Code Scan for PCI
showing 1 - 6