• Home
  • Checkmarx One vs. GitHub

Checkmarx One vs GitHub comparison

Cancel
You must select at least 2 products to compare!
Checkmarx Logo
Checkmarx One
Read 67 Checkmarx One reviews
34,421 views|22,385 comparisons
86% willing to recommend
GitHub Logo
GitHub
Read 71 GitHub reviews
2,224 views|926 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Checkmarx One vs. GitHub
May 2024
Executive Summary

We performed a comparison between Checkmarx One and GitHub based on real PeerSpot user reviews.

Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Checkmarx One vs. GitHub Report (Updated: May 2024).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Anonymous User
Specifies the exact line of code where it finds the problem and gives good reports
The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes.... Read more →
RiteshKapse
Beneficial version control and continuous integration, but guides would be helpful
In my case, I prefer to keep my repositories public, especially for small-scale organizations that don't require a high level of privacy. I find it... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is a stable product.""It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security.""It gives the proper code flow of vulnerabilities and the number of occurrences.""It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx.""I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy.""The solution is scalable, but other solutions are better.""The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results.""The only thing I like is that Checkmarx does not need to compile."

More Checkmarx One Pros →

"GitHub allows us the option to push files from a non-UA method or directly upload files from the UA. You can integrate GitHub with Jenkins to do CI/CD.""The most valuable features of GitHub are the ease of integration into Microsoft Azure DevOps. The process that you need to deploy into Microsoft Azure becomes fairly simple and the templates are already available, a lot of the engineers find it easier to use.""The most valuable feature is help offered by the community for open-source projects.""GitHub have a built-in software application development environment and this has been most useful.""The most valuable feature of GitHub is version control and continuous integration.""The deployment is fast since we just have to run the script, and once it's done, it takes a few minutes.""I have found GitHub stable.""GitHub's source code management is top-notch. It's easy to inspect changes and visualize code and differences. Their action system is comprehensive in terms of making changes and automation."

More GitHub Pros →

Cons
"Meta data is always needed.""Checkmarx could improve the speed of the scans.""We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process.""I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side.""Checkmarx could improve the REST APIs by including automation.""The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information.""The plugins for the development environment have room for improvements such as for Android Studio and X code.""The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."

More Checkmarx One Cons →

"The UI is a little outdated, so that could be improved.""The ticketing system is not working.""Though I haven't done much research, GitHub lacks in providing more functions like GitLab.""We would like this solution to have a more user-friendly interface.""GitHub could expand the limits of the free version.""The solution should have less integration with the AI part, but it needs to add features with other automation tools so that it can be easily integrated.""The initial setup and implementation could be easier, I had some difficulties with it at first but I don't have a development background.""GitHub could improve by being more user-friendly."

More GitHub Cons →

Pricing and Cost Advice
  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."

    • More Checkmarx One Pricing and Cost Advice →

  • "The private repositories are free, which is very good."
  • "It is open-source. There is no license for GitHub."
  • "The price of this solution is reasonable."
  • "If there are only 10 people using a particular repository, then GitHub is free. But if we increase the number of users, we need to pay the normal charge for GitHub."
  • "We have an enterprise licensing agreement, and I am not part of the finance department so I can't say how much it costs."
  • "I haven't had to pay anything for GitHub, I use the free version."
  • "The licensing model for GitHub is user-based. Whenever the new developer joins we have to get a new license and register their ID. The overall price of the solution is reasonable."
  • "The licensing model from GitHub is very clear."

    • More GitHub Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Questions from the Community
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Read all 4 answers   →
    What do you like most about Checkmarx?
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Checkmarx?
    Top Answer:The solution's price is high and you pay based on the number of users.
    Read all 25 answers   →
    What do you like most about GitHub?
    Top Answer: The control is the most valuable feature as developers can work on a single code.
    Read all 35 answers   →
    What is your experience regarding pricing and costs for GitHub?
    Top Answer:You don't have to pay for a license if you are using the free version. It gives you all the possible features it has.
    Read all 22 answers   →
    What needs improvement with GitHub?
    Top Answer:The initial setup requires heavy documentation which can be challenging for new developers.
    Read all 35 answers   →
    Ranking
    3rd
    out of 74 in Application Security Tools
    Views
    34,421
    Comparisons
    22,385
    Reviews
    21
    Average Words per Review
    508
    Rating
    7.7
    12th
    out of 74 in Application Security Tools
    Views
    2,224
    Comparisons
    926
    Reviews
    48
    Average Words per Review
    349
    Rating
    8.6
    Comparisons
    SonarQube logo
    SonarQube vs. Checkmarx One
    Compared 52% of the time.
    Veracode logo
    Veracode vs. Checkmarx One
    Compared 13% of the time.
    Fortify on Demand logo
    Fortify on Demand vs. Checkmarx One
    Compared 6% of the time.
    Snyk logo
    Snyk vs. Checkmarx One
    Compared 4% of the time.
    GitLab logo
    GitLab vs. Checkmarx One
    Compared 1% of the time.
    More Checkmarx One Competitors   →
    Snyk logo
    Snyk vs. GitHub
    Compared 27% of the time.
    AWS CodeCommit logo
    AWS CodeCommit vs. GitHub
    Compared 12% of the time.
    Bitbucket logo
    Bitbucket vs. GitHub
    Compared 12% of the time.
    Fortify on Demand logo
    Fortify on Demand vs. GitHub
    Compared 10% of the time.
    IBM Rational ClearCase logo
    IBM Rational ClearCase vs. GitHub
    Compared 5% of the time.
    More GitHub Competitors   →
    Learn More
    Checkmarx
    GitHub
    Overview

    Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

    Checkmarx One offers comprehensive application scanning across the SDLC:

    • Static Application Security Testing (SAST)
    • Software Composition Analysis (SCA)
    • API security
    • Dynamic Application Security Testing (DAST)
    • Container security
    • IaC security
    • Correlation, prioritization, and risk management
    • Codebashing secure code training
    • AI security
    • Tech partnerships extending AppSec into runtime analysis
    • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

    Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

    GitHub is a web-based Git repository hosting service. It offers all of the distributed revision control and source code management (SCM) functionality of Git as well as adding its own features. Unlike Git, which is strictly a command-line tool, GitHub provides a Web-based graphical interface and desktop as well as mobile integration. It also provides access control and several collaboration features such as bug tracking, feature requests, task management, and wikis for every project.
    Sample Customers
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    Dominion Enterprises, NASA, Braintree, SAP, CyberAgent
    Top Industries
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Insurance Company5%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm18%
    Government9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company13%
    Manufacturing Company11%
    Financial Services Firm11%
    Government8%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise72%
    REVIEWERS
    Small Business43%
    Midsize Enterprise9%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    Buyer's Guide
    Checkmarx One vs. GitHub
    May 2024
    Free Report: Checkmarx One vs. GitHub
    Find out what your peers are saying about Checkmarx One vs. GitHub and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while GitHub is ranked 12th in Application Security Tools with 71 reviews. Checkmarx One is rated 7.6, while GitHub is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and GitLab, whereas GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Fortify on Demand and IBM Rational ClearCase. See our Checkmarx One vs. GitHub report.

    See our list of best Application Security Tools vendors.

    We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.