We performed a comparison between Checkmarx One and NowSecure based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"Helps us check vulnerabilities in our SAP Fiori application."
"The UI is very intuitive and simple to use."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"From my point of view, it is the best product on the market."
"It shows in-depth code of where actual vulnerabilities are."
"The UI is user-friendly."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The most valuable feature is the ability to download an application without actually putting in the APK. It gives us an option to put the APK in if we want to but we can download it from the App Store and Play Store."
"Checkmarx is not good because it has too many false positive issues."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"Checkmarx could be improved with more integration with third-party software."
"It is an expensive solution."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"In this solution, there are two kinds of testing, static analysis, and dynamic analysis. There needs some improvement in testing with dynamic analysis because I have found it is not accurate"
Earn 20 points
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while NowSecure is ranked 33rd in Static Application Security Testing (SAST). Checkmarx One is rated 7.6, while NowSecure is rated 7.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NowSecure writes "Scalable and reliable, but dynamic analysis needs improvement". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NowSecure is most compared with Veracode, GitLab, Data Theorem API Secure and Acunetix.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.