Checkmarx One Logo

Checkmarx One pros and cons

Vendor: Checkmarx
3.8 out of 5
Badge Leader
4,264 followers
Post review
 

Checkmarx One Pros review quotes

DR
Jun 19, 2019
Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before.
MH
Feb 7, 2024
The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes.
ScottDenton - PeerSpot reviewer
Jul 27, 2022
The SAST component was absolutely 100% stable.
Learn what your peers think about Checkmarx One. Get advice and tips from experienced pros sharing their opinions. Updated: June 2024.
789,728 professionals have used our research since 2012.
MD
May 16, 2019
The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete.
MM
Jun 18, 2020
The most valuable features are the easy to understand interface, and it 's very user-friendly.
DK
Jun 15, 2020
The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database.
JD
May 3, 2022
I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy.
Cuneyt KALPAKOGLU Phd. - PeerSpot reviewer
Sep 6, 2020
From my point of view, it is the best product on the market.
NH
Feb 9, 2024
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
EB
Apr 17, 2019
The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time.
 

Checkmarx One Cons review quotes

DR
Jun 19, 2019
Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?
MH
Feb 7, 2024
When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped.
ScottDenton - PeerSpot reviewer
Jul 27, 2022
The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement.
Learn what your peers think about Checkmarx One. Get advice and tips from experienced pros sharing their opinions. Updated: June 2024.
789,728 professionals have used our research since 2012.
MD
May 16, 2019
The reports are good, but they still need to be improved considering what the UI offers.
MM
Jun 18, 2020
We have received some feedback from our customers who are receiving a large number of false positives.
DK
Jun 15, 2020
In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now.
JD
May 3, 2022
They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server.
Cuneyt KALPAKOGLU Phd. - PeerSpot reviewer
Sep 6, 2020
Micro-services need to be included in the next release.
NH
Feb 9, 2024
We can run only one project at a time.
EB
Apr 17, 2019
With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.