We performed a comparison between Checkmarx One and Digital.ai Application Security based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"We use the solution to validate the source code and do SAST and security analysis."
"It is a stable product."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"Scan reviews can occur during the development lifecycle."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"I used the tool to prepare for the interview as a Business Developer. It helped me improve my understanding on software security."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"Checkmarx could improve the speed of the scans."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"I would like the tool to integrate AI and automation that is dedicated to detecting software vulnerabilities."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Digital.ai Application Security is ranked 36th in Application Security Tools with 1 review. Checkmarx One is rated 7.6, while Digital.ai Application Security is rated 6.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Digital.ai Application Security writes "Helps to improve knowledge on software security ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Digital.ai Application Security is most compared with SonarQube, PortSwigger Burp Suite Professional and Fortify Application Defender.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.