Try our new research platform with insights from 80,000+ expert users
Checkmarx SAST Logo

Checkmarx SAST pros and cons

Vendor: Checkmarx
4.3 out of 5
Leave a review

Pros & Cons summary

Checkmarx SAST identifies vulnerabilities in source code at early stages, proving crucial protection for companies against attacks. The unified CX1 platform covers SAST, SCA, DAST, and more, offering a comprehensive solution. Integration within IDEs helps developers efficiently fix vulnerabilities. Although effective, the on-premises version is costlier than the cloud, presenting challenges for mid-sized companies. Additional vendor support may be required due to occasional inaccuracy or unnoticed vulnerabilities.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the category report

Prominent pros & cons

PROS

Checkmarx SAST identifies vulnerabilities in the source code immediately without needing to complete the coding.
Checkmarx protects companies against attacks.
CX1 platform covers SAST, SCA, DAST, container scanning, and infrastructure code, offering a beneficial one-stop solution.
Checkmarx aids in identifying vulnerabilities at early stages.
Integration within IDEs helps developers fix vulnerabilities easily by getting results directly into their IDE.

CONS

On-premises version is more expensive compared to the cloud version.
Checkmarx did not recognize a vulnerability, requiring vendor intervention for tool improvement.
Price is a challenge for many mid-sized companies due to affordability concerns.
Accuracy of results is affected by false positives from test folders, impacting vulnerability assessment.
Main challenge is related to the cost of Checkmarx SAST.
 

Checkmarx SAST Pros review quotes

reviewer1635690 - PeerSpot reviewer
Sep 5, 2025
The CX1 is a unified platform that covers all components such as SAST, SCA, DAST, container scanning, and infrastructure code, which is quite beneficial because some clients need one-stop solutions for all their needs.
Read full review
Tharindu Malwenna - PeerSpot reviewer
Oct 17, 2025
This helps us a lot in identifying vulnerabilities in early stages, and the integration within the IDEs helps developers get the results into their IDE itself, making it easier for them to fix vulnerabilities.
Read full review
reviewer2392968 - PeerSpot reviewer
Dec 16, 2024
The most important feature is that Checkmarx protects our company against attacks.
Read full review
Buyer's Guide
Static Application Security Testing (SAST)
October 2025
Download Free Report
Find out what your peers are saying about Checkmarx, Qualys, SonarSource Sàrl and others in Static Application Security Testing (SAST). Updated: October 2025.
DOWNLOAD NOW
873,003 professionals have used our research since 2012.
Cuneyt KALPAKOGLU Phd. - PeerSpot reviewer
Oct 7, 2024
The most important competitive advantage and benefit is the ability to identify vulnerabilities in the source code immediately without needing to complete the coding.
Read full review
 

Checkmarx SAST Cons review quotes

reviewer1635690 - PeerSpot reviewer
Sep 5, 2025
The main challenge with Checkmarx SAST is the price. The price is a challenge because Checkmarx SAST is a very big brand, and many mid-sized companies cannot afford it as they are very price-conscious.
Read full review
Tharindu Malwenna - PeerSpot reviewer
Oct 17, 2025
The accuracy of the results depends on various factors, as some of the test folders tend to give us false positives, which makes a huge impact on the vulnerabilities.
Read full review
reviewer2392968 - PeerSpot reviewer
Dec 16, 2024
We had some issues where Checkmarx did not recognize a vulnerability.
Read full review
Buyer's Guide
Static Application Security Testing (SAST)
October 2025
Download Free Report
Find out what your peers are saying about Checkmarx, Qualys, SonarSource Sàrl and others in Static Application Security Testing (SAST). Updated: October 2025.
DOWNLOAD NOW
873,003 professionals have used our research since 2012.
Cuneyt KALPAKOGLU Phd. - PeerSpot reviewer
Oct 7, 2024
The on-premises version is more expensive compared to the cloud version.
Read full review

Product Categories

Product Categories
Static Application Security Testing (SAST)

Popular Comparisons

Popular Comparisons
SonarQube vs Checkmarx SAST Logo
SonarQube vs Checkmarx SAST
Snyk vs Checkmarx SAST Logo
Snyk vs Checkmarx SAST
GitLab vs Checkmarx SAST Logo
GitLab vs Checkmarx SAST
Checkmarx One vs Checkmarx SAST Logo
Checkmarx One vs Checkmarx SAST
Veracode vs Checkmarx SAST Logo
Veracode vs Checkmarx SAST
OWASP Zap vs Checkmarx SAST Logo
OWASP Zap vs Checkmarx SAST
Qualys Web Application Scanning vs Checkmarx SAST Logo
Qualys Web Application Scanning vs Checkmarx SAST
Semgrep vs Checkmarx SAST Logo
Semgrep vs Checkmarx SAST
Cycode vs Checkmarx SAST Logo
Cycode vs Checkmarx SAST
GitHub Code Scanning vs Checkmarx SAST Logo
GitHub Code Scanning vs Checkmarx SAST
Aikido Security vs Checkmarx SAST Logo
Aikido Security vs Checkmarx SAST
See all alternatives

Product Categories

Product Categories
Static Application Security Testing (SAST)

Popular Comparisons

Popular Comparisons
SonarQube vs Checkmarx SAST Logo
SonarQube vs Checkmarx SAST
Snyk vs Checkmarx SAST Logo
Snyk vs Checkmarx SAST
GitLab vs Checkmarx SAST Logo
GitLab vs Checkmarx SAST
Checkmarx One vs Checkmarx SAST Logo
Checkmarx One vs Checkmarx SAST
Veracode vs Checkmarx SAST Logo
Veracode vs Checkmarx SAST
OWASP Zap vs Checkmarx SAST Logo
OWASP Zap vs Checkmarx SAST
Qualys Web Application Scanning vs Checkmarx SAST Logo
Qualys Web Application Scanning vs Checkmarx SAST
Semgrep vs Checkmarx SAST Logo
Semgrep vs Checkmarx SAST
Cycode vs Checkmarx SAST Logo
Cycode vs Checkmarx SAST
GitHub Code Scanning vs Checkmarx SAST Logo
GitHub Code Scanning vs Checkmarx SAST
Aikido Security vs Checkmarx SAST Logo
Aikido Security vs Checkmarx SAST
See all alternatives
Related questions
  • 9
What Application Security Solution Do You Use That Is DevOps Friendly?
  • 12
Which is the most comprehensive open source Web Security Testing tool?
  • 44
What is the best Application Security Testing platform?
  • 10
When evaluating Application Security Testing, what aspect do you think is the most important to look for?
  • 28
SAST vs. DAST: Which is better for application security testing?
  • 28
What tools do you rely on for building a DevSecOps pipeline?
  • 40
What does the Log4j/Log4Shell vulnerability mean for your company?
  • 37
Checkmarx or Veracode. Which should we choose?
  • 61
What are your recommended automated penetration testing tools?
  • 20
What are the OWASP top 10 in 2020?