Checkmarx One and GitHub compete in application security and source code management, respectively. Checkmarx One is advantageous for its comprehensive scanning capabilities and robust security features, while GitHub has an edge in collaboration and ease of integration.
Features: Checkmarx One excels in static and dynamic application security testing with fast performance, comprehensive scanning, and strong support for multiple languages. GitHub focuses on efficient source code management with version control, collaboration tools, and seamless integration with other platforms.
Room for Improvement: Checkmarx One users suggest reducing false positives, enhancing report customization, and improving CI/CD pipeline integration. GitHub users desire better security, improved conflict resolution tools, and enhanced user interface elements.
Ease of Deployment and Customer Service: Checkmarx One offers flexibility with options for on-premises and hybrid cloud deployments, appealing to enterprises. GitHub, focusing on public cloud deployment, provides a straightforward solution with strong community support.
Pricing and ROI: Checkmarx One is a premium solution with higher costs justified by security features and a strong ROI through faster release cycles. GitHub offers free and competitively priced plans, making it accessible to individuals and small teams with advanced features at a cost-effective rate.
I have not used GitHub's technical support extensively because there are many resources and a robust knowledge base available due to the large user community.
The technical support from GitHub is generally good, and they communicate effectively.
Some forums help you get answers faster since you just type in your concern and see resolutions from other engineers.
We have never had a problem with scalability, so I would rate it at least eight to nine.
GitHub is more scalable than on-prem solutions, allowing for cloud-based scaling which is beneficial for processing large workloads efficiently.
I would rate the stability of this solution a nine on a scale of 1 to 10 where one is low stability and 10 is high.
If a skilled developer uses it, it is ten out of ten for stability.
It provides a reliable environment for code management.
GitHub is mostly stable, but there can be occasional hiccups.
It could suggest how the code base is written and automatically populate the source code with three different solution options to choose from.
When working with the CI/CD pipeline and somebody is writing the workflow file, it would be best to include the AI feature so if they write incorrect code, it will notify me about it in the same dashboard, eliminating the need to use third-party tools to review the file.
When solving merge conflicts, it would be helpful to have tooltips within the actions to know what changes could happen next when resolving a conflict.
I would like to see some AI functionality included in GitHub, similar to the features seen in GitLab, to enhance productivity.
The pricing of GitHub depends on the choice of solutions, such as building one's own GitHub Runners to save money or using GitHub's Runners with extra costs.
Normally, GitHub is not expensive, but it would be welcome if it reduces costs for developing countries.
The pricing of GitHub is reasonable, with the cost being around seven dollars per user per month for private repositories.
My experience with the initial setup of Checkmarx One is straightforward; it is not complex compared to other tools that I have tried.
When working with the CI/CD pipeline and somebody is writing the workflow file, it would be best to include the AI feature so if they write incorrect code, it will notify me about it in the same dashboard, eliminating the need to use third-party tools to review the file.
I like how I can create different builds from different branches, which helps me as a QA to test certain features separately from the main application.
GitHub Actions for CI/CD implementation.
| Product | Market Share (%) |
|---|---|
| Checkmarx One | 10.2% |
| GitHub | 0.9% |
| Other | 88.9% |
| Company Size | Count |
|---|---|
| Small Business | 30 |
| Midsize Enterprise | 9 |
| Large Enterprise | 38 |
| Company Size | Count |
|---|---|
| Small Business | 42 |
| Midsize Enterprise | 12 |
| Large Enterprise | 48 |
Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.
Checkmarx One offers comprehensive application scanning across the SDLC:
Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
