Coming October 25: PeerSpot Awards will be announced! Learn more

Codebashing OverviewUNIXBusinessApplication

Codebashing is #2 ranked solution in top Application Security Training Software. PeerSpot users give Codebashing an average rating of 9.0 out of 10. Codebashing is most commonly compared to Veracode Security Labs: Codebashing vs Veracode Security Labs. Codebashing is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.
Codebashing Buyer's Guide

Download the Codebashing Buyer's Guide including reviews and more. Updated: September 2022

What is Codebashing?

Codebashing's SaaS platform is built specifically to train, refresh and validate Software Developers and DevOps personnel on Application Security and Secure Coding principles; helping business to develop and maintain more secure software and applications. Codebashing achieves this through a purpose-built platform for developers that is time-efficient, game-like, and provides hands-on vulnerable applications to interact with… providing insight into how common vulnerabilities manifest within the application stack.

Codebashing Customers

Fitbit, Microsoft, Just Eat, NCC Group, National Bank of Abu Dhabi, Sky

Codebashing Video

Codebashing Pricing Advice

What users are saying about Codebashing pricing:
"Licenses are renewed annually."

Codebashing Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Dodzi Kwame Agudogo - PeerSpot reviewer
Senior Software Development Engineer at Stanbic Bank Ghana
Real User
Top 10Leaderboard
Good plugins, very scalable, and great for checking code vulnerabilities
Pros and Cons
  • "There are lots of great plugins available."
  • "The user interface could be updated and refreshed. It has the appearance of being very basic."

What is our primary use case?

We use the solution for scanning the codes we develop in Java. We use it to check them against our glitches, then we mediate them before we push them to the applications and to the server.

What is most valuable?

It helps us to channel our secure application. We get to at least mediate most of the code vulnerabilities before we push it to the servers and it gets up to a level of assurance that the code is secured right. It helps prevent crimes as it makes sure everything is secure and there aren't any loopholes or back doors.

The stability is good.

It's pretty scalable.

There are lots of great plugins available.

What needs improvement?

I've never really considered any improvements as the solution tends to offer the exact feature sets we need.

The configuration could use some improvement.

The user interface could be updated and refreshed. It has the appearance of being very basic.

If you look at the reporting, it only gives you a basic summary and then gives you details of the code and maybe some suggestions. It's not clear on the vulnerabilities per se. It could be more robust.

It would be ideal if we could get an IDE plugin on the solution. That makes it easier when you are developing and when you are writing your code. You can check the vulnerabilities before you actually go for the scan.

For how long have I used the solution?

The solution was already in place before I joined my current organization and therefore the company itself has used it longer than I have. I've been using it for about two years at this point.

Buyer's Guide
Codebashing vs. Veracode Security Labs
September 2022
Find out what your peers are saying about Codebashing vs. Veracode Security Labs and other solutions. Updated: September 2022.
635,162 professionals have used our research since 2012.

What do I think about the stability of the solution?

I haven't experienced any downtime. The stability is quite good. The only thing I experienced is that it doesn't seem to take above 200. If, let's say, that the project is above 200 MB, it rejects it. However, it is my understanding that it is a configuration issue for our side. 

What do I think about the scalability of the solution?

It's hard to say how many users are on this solution, as our company runs across many countries. It could be thousands of people across 20+ African countries.

We use it regularly. Once we build an application, a part of the requirements is that we need to pass it through Checkmarx.

It's a shared environment across multiple countries, with the head office being in South Africa.

Now that we've moved to the cloud, I've found it to be very scalable.

How are customer service and support?

I've never dealt with technical support. I can't speak to their responsiveness or level of knowledge.

Which solution did I use previously and why did I switch?

It's my understanding that the company used to use SonarQube. 

SonarQube starts right from the IDE and it has a MiFi interface. When the developer is developing they get to see the vulnerabilities from their IDE.

How was the initial setup?

I wasn't present for the initial setup. I don't know if the solution had a straightforward setup or if it was complex in any way.

Our in-house security team handles the maintenance on the solution.

What's my experience with pricing, setup cost, and licensing?

I don't have any information about the pricing of the solution. It's not an aspect that I handle.

What other advice do I have?

We're just customers. We don't have a business relationship with the company.

I'm pretty sure that the company is using the latest version. I didn't really check the version number, however, I think it's the latest.

While we do use a cloud version now, it was previously deployed on-premises.

It is a great solution. It's easy to integrate into and it is very common, very popular, here. Anything you need to do, you can do it on the platform. For example, if you're looking to add it to your CITD pipeline, there's a plugin to do that. It's great.

Overall, out of ten, I'd rate it at a nine.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Peter Ejiofor - PeerSpot reviewer
Chief Executive Officer at Ethnos ITSolutions
Reseller
Top 5Leaderboard
User-friendly, with few false positives and responsive technical support
Pros and Cons
  • "According to the feedback, it's an easy-to-use application tool."
  • "I believe that certificates should be issued to users so that they can be used as proof of having completed that training. The certificate is currently not being used for any competence validation outside of the chance environment."

What is our primary use case?

I am a reseller.

Codebashing is a training tool. It's a training tool that helps users or developers detect their coding errors and correct them. Then Codebashing shows them how to improve and secure their development skills.

What is most valuable?

Codebashing is only one feature. It's a trim model.

According to the feedback, it's an easy-to-use application tool.

We don't use it directly, but from the feedback of our customers who do use it, they are pleased with it.

What needs improvement?

Because I am not the direct user, but rather a reseller, I may not know, because the only way we will know is if we receive a complaint from one of our users. We have received any major complaints that tell us what needs to be changed, on the tool, or where they need to improve it.

Change is an unavoidable constant. There will always be opportunities for change and improvement in order to provide more value to their end users. However, I am unable to specify where the change or improvement will be required.

It is difficult to say, but maybe there are areas of the solution that could improve. 30% improvement.

It does not require storage. Because it is an online tool, there is no need for backup. It is a training platform. When it identifies your area of weakness, it shows you and instructs you on what to do. You, simply log in. It's similar to a cloud base.

I expect the dashboard to be improved based on user feedback and, of course, as technology advances.

I would like to see Certificates issued to users. I believe that certificates should be issued to users so that they can be used as proof of having completed that training. The certificate is currently not being used for any competence validation outside of the chance environment.

They should issue certificates to the users, which can be used as evidence of security development code.

For how long have I used the solution?

The company is called Checkmarx. One of their products is codebashing.

I have been selling Checkmarx products for eight or nine years.

I am working with the most updated version.

What do I think about the stability of the solution?

Generally, Codebashing is a stable solution. We haven't had any complaints.

What do I think about the scalability of the solution?

Codebashing should be scalable.

It should be scalable. Scalable in terms of improvement, and scalable in terms of the environment. Because technologies are expected to be scalable, they should be scaled to users, user experiences, or user environments.

How are customer service and support?

So far, I believe Checkmarx has provided very good technical responses in all areas of their solution. Their technical response is excellent. They will contact you once you have booked your ticket.

I would rate their technical support a four out of five.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward. That's all there is to it once you install the tool.

It does not require any maintenance. People are not required to do anything. It is straightforward.

What was our ROI?

The return on investment will be one year.

I believe the product is valuable because it assists you in improving secure applications, which can then prevent fraud and threats against the application as well as incorrect application activities.

What's my experience with pricing, setup cost, and licensing?

Licenses are renewed annually.

What other advice do I have?

I can recommend Checkmarx, in my opinion, they are good. Their product is good. It has minimal false positives. They are user-friendly, and they are not complex at all. The response from the technical support is also excellent.

I would happily recommend Checkmarx products at any time, at least for the time being, unless circumstances change.

I would rate Codebashing an eight out of ten. 

I'm giving it an eight because it's extremely useful. It enables users to deploy improved, secure development skills. 

The remaining tool, in my opinion, is that the user cannot use the certificate to demonstrate ability, and they do not use the certificate to demonstrate competence in that area at this time.

Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
PeerSpot user
Buyer's Guide
Codebashing vs. Veracode Security Labs
September 2022
Find out what your peers are saying about Codebashing vs. Veracode Security Labs and other solutions. Updated: September 2022.
635,162 professionals have used our research since 2012.
Cuneyt KALPAKOGLU Phd. - PeerSpot reviewer
Founder & Chairman at Endpoint-labs Cyber Security R&D
Real User
Top 5Leaderboard
When we hire new engineers, it's company policy that they have to complete the Codebashing sessions
Pros and Cons
  • "From an academic point of view, Codebashing is a very good product because it is based on gamification. This is especially true if you don't have any idea about secure code training. It is one of the best tools in the world to learn secure coding. The product explains very well how vulnerabilities can be found and how programmers can develop securely."
  • "If customers would be able to define their own quizzes or exams, it would be very good. That is the only missing part that I see - customer based scenarios, examinations and quizzes."

What is our primary use case?

We are very seriously using Codebashing. For example, when we have new engineers in the company, it is company policy that they have to complete the Codebashing sessions. During the orientation and onboarding period, all the engineers of our company must complete the Codebashings sessions and many of our customers are doing the same.

We are strategic partners with Checkmarx and we are an internationally certified training center for Checkmarx and Codebashing.

What is most valuable?

From an academic point of view, Codebashing is a very good product because it is based on gamification. This is especially true if you don't have any idea about secure code training. It is one of the best tools in the world to learn secure coding. The product explains very well how vulnerabilities can be found and how programmers can develop securely.

What needs improvement?

My expectation is that the customers should be able to develop their own quizzes, because it's their learning methodology. Indeed, Codebashing is a context E-learning platform that sharpens the developers' skills to fix vulnerabilities and develop secure codes, expanding on the learning by doing concept work and using the gamification methodology. Codebashing teaches developers the principles of secure coding and helps them sharpen their security skills in the most efficient way. So if customers would be able to define their own quizzes or exams, it would be very good. That is the only missing part that I see - customer based scenarios, examinations and quizzes, the rest is excellent.

For how long have I used the solution?

They released Codebashing two years ago and we started working with them very closely as soon as they announced it. 

What do I think about the stability of the solution?

Codebashing is extremely stable.

How was the initial setup?

The initial setup is extremely easy. You don't need anything. Even a child can use it very easily. You don't need to install anything, it is web-based. You can use it very easily.

What other advice do I have?

My advice for anyone considering using Codebashing is to try the free version on their web page first. I would advise them to use the free version to understand the concept and to play with the program and only then to consider purchasing it.

On a scale of one to 10, I would rate Codebashing a nine.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
SakchartNgamluan - PeerSpot reviewer
System Engineer at a manufacturing company with 51-200 employees
Real User
Top 5Leaderboard
Developer training solution used to ensure code is written securely and effectively
Pros and Cons
  • "The most valuable feature is that you get the security from the design of the training. It ensures our developers write code securely and effectively. They will not write code that is vulnerable to hackers."
  • "This solution could be improved by offering an increased number of quizzes after each module. The GUI for this solution could also be updated to be more modern."

What is our primary use case?

Our team leaders and managers use this solution. They use this platform to educate and provide security training to their developer teams.

What is most valuable?

The most valuable feature is that you get the security from the design of the training. It ensures our developers write code securely and effectively. They will not write code that is vulnerable to hackers.

What needs improvement?

This solution could be improved by offering an increased number of quizzes after each module. The GUI for this solution could also be updated to be more modern. 

For how long have I used the solution?

We have been using this solution for one year. 

What do I think about the stability of the solution?

This is a stable solution due to the fact that it is an e-learning platform. 

What do I think about the scalability of the solution?

This is a scalable solution. 

How are customer service and support?

The technical support for this solution is good. 

What other advice do I have?

If using Codebashing for a big team of more than 10 developers, it is important to plan to ensure the training is effective. 

I would rate this solution a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user