We performed a comparison between Checkmarx One and Klocwork based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution communicates where to fix the issue for the purpose of less iterations."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The most valuable feature for me is the Jenkins Plugin."
"The user interface is excellent. It's very user friendly."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The reporting helps us understand the trend of our results and whether we improve over time. We can see the history within Klocwork's server architecture and know that we're making things better. It creates a great story for our management. We can demonstrate value and how our software is developing over time."
"It's integrated into our CI, continuous integration."
"The ability to create custom checkers is a plus."
"We like using the static analysis and code refactoring, which are very valuable because of our requirements to meet safety critical levels and reliability."
"On-the-fly analysis and incremental analysis are the best parts of Klocwork. Currently, we are using both of these features very effectively."
"Klocwork's most valuable feature is the static code analysis feature. It detects the potential problem earlier to allow the developer to receive feedback quickly and then address it before it becomes a problem."
"The most valuable feature is the Incremental analysis."
"There's a feature in Klocwork called 'on-the-fly analysis', which helps developers to find and fix the defects at the time of development itself."
"Its user interface could be improved and made more friendly."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"I would like to see the rate of false positives reduced."
"Checkmarx could be improved with more integration with third-party software."
"I would like to see the tool’s pricing improved."
"If it is a very large code base then we have a problem where we cannot scan it."
"We have received some feedback from our customers who are receiving a large number of false positives."
"The pricing can get a bit expensive, depending on the company's size."
"Klocwork has to improve its features to stay ahead of other free solutions."
"This solution could be improved if they offered support of more languages including Ada and Golang. They currently only support seven languages."
"We'd like to see integration with Agile DevOps and Agile methodologies."
"What needs improvement in Klocwork, compared to other products in the market, is the dashboard or reporting mechanisms that need to be a bit more flexible. The Klocwork dashboard could be improved. Though it's good, it's not as good as some of the other products in the market, which is a problem. The reporting could be more detailed and easier to sort out because sorting in Klocwork could be a bit more time-consuming, mainly when sorting defects based on filters, compared to how it's done on other tools such as Coverity."
"Klocwork does have a problem with true positives. It only found 30% of true positives in the Juliet test case."
"The way to define the rules is too complex. The definition/rules for static analysis could be automated according to various SILs, so as to avoid confusion."
"Every update that we receive requires of us a lengthy and involved process."
"Modern languages, such as Angular and .NET, should be included as a part of Klocwork. They have recently added Kotlin as a part of their project, but we would like to see more languages in Klocwork. That's the reason we are using Coverity as a backup for some of the other languages."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Klocwork is ranked 18th in Application Security Tools with 20 reviews. Checkmarx One is rated 7.6, while Klocwork is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Klocwork writes "Their technical team helps us get the most out of the solution, but we've faced some stability problems in our environment". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Klocwork is most compared with SonarQube, Coverity, Polyspace Code Prover, CodeSonar and Veracode. See our Checkmarx One vs. Klocwork report.
See our list of best Application Security Tools vendors, best Application Security Testing (AST) vendors, and best Static Code Analysis vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.