We performed a comparison between Checkmarx One and Synopsys Code Dx based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."From my point of view, it is the best product on the market."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"The value you can get out of the speedy production may be worth the price tag."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"Checkmarx could improve the speed of the scans."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too."
"Checkmarx needs to be more scalable for large enterprise companies."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service."
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Synopsys Code Dx is ranked 31st in Application Security Testing (AST) with 1 review. Checkmarx One is rated 7.6, while Synopsys Code Dx is rated 0.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Synopsys Code Dx writes "Facilitates continuous assessment of applications, covering both static and dynamic security aspects". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Synopsys Code Dx is most compared with Veracode, Coverity and SonarQube.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.