Checkmarx Pros review quotes

ScottDenton - PeerSpot reviewer
Jul 27, 2022
The SAST component was absolutely 100% stable.
JD
May 3, 2022
I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy.
Souhardyya Biswas - PeerSpot reviewer
Dec 19, 2022
It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx.
Learn what your peers think about Checkmarx. Get advice and tips from experienced pros sharing their opinions. Updated: December 2023.
746,723 professionals have used our research since 2012.
Peter Ejiofor - PeerSpot reviewer
Jun 14, 2022
The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera.
KannanPadmanabhan - PeerSpot reviewer
Jan 13, 2023
The administration in Checkmarx is very good.
MH
May 9, 2023
The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful.
RZ
May 5, 2023
The only thing I like is that Checkmarx does not need to compile.
VT
Apr 26, 2023
It has all the features we need.
Marcelo Carrasco - PeerSpot reviewer
Oct 6, 2022
The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools.
IH
Jan 16, 2022
The solution is scalable, but other solutions are better.

Checkmarx Cons review quotes

ScottDenton - PeerSpot reviewer
Jul 27, 2022
The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement.
JD
May 3, 2022
They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server.
Souhardyya Biswas - PeerSpot reviewer
Dec 19, 2022
Checkmarx has a slightly difficult compilation with the CI/CD pipeline.
Learn what your peers think about Checkmarx. Get advice and tips from experienced pros sharing their opinions. Updated: December 2023.
746,723 professionals have used our research since 2012.
Peter Ejiofor - PeerSpot reviewer
Jun 14, 2022
Checkmarx could improve by reducing the price.
KannanPadmanabhan - PeerSpot reviewer
Jan 13, 2023
We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level.
MH
May 9, 2023
Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not.
RZ
May 5, 2023
Checkmarx is not good because it has too many false positive issues.
VT
Apr 26, 2023
The validation process needs to be sped up.
Marcelo Carrasco - PeerSpot reviewer
Oct 6, 2022
The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information.
IH
Jan 16, 2022
Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities.