Checkmarx IaC Security / KICS vs Klocwork comparison

Checkmarx and Perforce are both solutions in the Static Application Security Testing (SAST) category. Checkmarx is ranked #57, while Perforce is ranked #16 with an average rating of 8.1. Checkmarx holds a 0.2% mindshare in SAST, compared to Perforce’s 1.6% mindshare. Additionally, 93% of Perforce users are willing to recommend the solution.

Checkmarx IaC Security / KICS

122 Views
121 Comparison Views

Klocwork

Read 25 Klocwork reviews

3,802 Views
2,928 Comparison Views

93% willing to recommend

Checkmarx IaC Security / KICS

Klocwork

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Checkmarx IaC Security / KICS and Klocwork based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST).

To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: July 2025).

Buyer's Guide

Static Application Security Testing (SAST)

July 2025

Download the complete report

Helped 862,543 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Checkmarx IaC Security / KICS

Ranking in Static Application Security Testing (SAST)

57th

Average Rating

0.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Klocwork

Ranking in Static Application Security Testing (SAST)

16th

Average Rating

8.0

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Application Security Tools (18th), Static Code Analysis (5th)

Mindshare comparison

As of July 2025, in the Static Application Security Testing (SAST) category, the mindshare of Checkmarx IaC Security / KICS is 0.2%, up from 0.0% compared to the previous year. The mindshare of Klocwork is 1.6%, down from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST)

Featured Reviews

Use Checkmarx IaC Security / KICS?

Share your opinion

AnirbanSarkar

Head - Solution Management Group at Meteonic Innovation Pvt. Ltd.

Lets you find defects during the development phase, so you don't have to wait till the development is over to find and address flaws

What needs improvement in Klocwork, compared to other products in the market, is the dashboard or reporting mechanisms that need to be a bit more flexible. The Klocwork dashboard could be improved. Though it's good, it's not as good as some of the other products in the market, which is a problem. The reporting could be more detailed and easier to sort out because sorting in Klocwork could be a bit more time-consuming, mainly when sorting defects based on filters, compared to how it's done on other tools such as Coverity. What I'd like added in the next release of Klocwork is the peer code review Cahoots which used to be a part of Klocwork, and the architecture analysis and both have been taken out of Klocwork. I found the two critical for specific deployments, so if those can be brought back to Klocwork, that would be very good.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

862,543 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

No data available

Manufacturing Company

27%

Computer Software Company

14%

Comms Service Provider

Aerospace/Defense Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Ask a question

Earn 20 points

What do you like most about Klocwork?

It's integrated into our CI, continuous integration.

See all answers

What is your experience regarding pricing and costs for Klocwork?

Klocwork's pricing seems attractive, as it uses a per-user license model that does not have a lot of overhead.

See all answers

What needs improvement with Klocwork?

One area for improvement is that when customers use different static analysis tools, they report more issues compared to Klocwork. The static analysis engine of Klocwork has areas that need improve...

See all answers

Comparisons

SonarQube Server (formerly SonarQube) vs Checkmarx IaC Security / KICS

Compared 62% of the time

Checkmarx One vs Checkmarx IaC Security / KICS

Compared 38% of the time

More Checkmarx IaC Security / KICS Competitors

SonarQube Server (formerly SonarQube) vs Klocwork

Compared 31% of the time

Coverity vs Klocwork

Compared 30% of the time

Polyspace Code Prover vs Klocwork

Compared 14% of the time

Helix QAC vs Klocwork

Compared 5% of the time

Parasoft SOAtest vs Klocwork

Compared 3% of the time

More Klocwork Competitors

Product Reports

Buyer's Guide

Static Application Security Testing (SAST)

July 2025

Download Checkmarx IaC Security / KICS product report

Buyer's Guide

Klocwork

July 2025

Download Klocwork product report

Overview

Checkmarx IaC Security / KICS provides a comprehensive approach to infrastructure as code security, helping organizations identify and remediate vulnerabilities in their IaC templates efficiently.

KICS, an open-source tool by Checkmarx, focuses on strengthening cloud infrastructure security. It scans IaC files like Terraform, AWS CloudFormation, Kubernetes, and Azure Resource Manager, identifying misconfigurations and security flaws before deployment. By integrating seamlessly into CI/CD pipelines, it ensures secure code development without impeding software delivery speed. KICS is designed for developers, DevOps, and security teams to enhance their security posture effectively.

What are the most valuable features of Checkmarx IaC Security / KICS?

Comprehensive Scanning: Analyzes various IaC platforms for misconfigurations and vulnerabilities.
Continuous Integration: Integrates into CI/CD pipelines for ongoing security checks.
Extensive Query Library: Offers a wide range of pre-built queries for diverse detection needs.
Scalability: Suitable for businesses of different sizes, ensuring secure deployments.

What benefits should users expect regarding ROI when evaluating Checkmarx IaC Security / KICS?

Reduced Risk: Identifies vulnerabilities early, minimizing potential threats.
Cost Efficiency: Decreases the resource burden by automating security checks.
Faster Deployment: Facilitates quicker and safer releases with integrated security.
Improved Security Posture: Enhances compliance and security standards adherence.

In industries like finance, healthcare, and technology, implementing Checkmarx IaC Security / KICS enables organizations to meet stringent regulatory compliance requirements and safeguard sensitive data. By embedding security into the development lifecycle, companies can trust their cloud infrastructure setups, maintaining data integrity and customer trust.

Checkmarx

Klocwork detects security, safety, and reliability issues in real-time by using this static code analysis toolkit that works alongside developers, finding issues as early as possible, and integrates with teams, supporting continuous integration and actionable reporting.

Perforce

Sample Customers

Information Not Available

ACCESS Co Ltd, Risk-AI, Winbond Electronics, Bristol-Myers Squibb Pharmaceutical Research Institute, University of Southern California, Alebra Technologies, SIMULIA, Risk Management Solutions, Brigham Young University, SRD, HRL

Buyer's Guide

Static Application Security Testing (SAST)

July 2025

Download Free Report

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: July 2025.

DOWNLOAD NOW

862,543 professionals have used our research since 2012.

See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.