We performed a comparison between Checkmarx One and NowSecure based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"We use the solution to validate the source code and do SAST and security analysis."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The solution allows us to create custom rules for code checks."
"We use the solution for dynamic application testing."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The most valuable feature is the ability to download an application without actually putting in the APK. It gives us an option to put the APK in if we want to but we can download it from the App Store and Play Store."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process."
"Checkmarx could improve the speed of the scans."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"If it is a very large code base then we have a problem where we cannot scan it."
"Checkmarx could be improved with more integration with third-party software."
"In this solution, there are two kinds of testing, static analysis, and dynamic analysis. There needs some improvement in testing with dynamic analysis because I have found it is not accurate"
Earn 20 points
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while NowSecure is ranked 32nd in Application Security Testing (AST). Checkmarx One is rated 7.6, while NowSecure is rated 7.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NowSecure writes "Scalable and reliable, but dynamic analysis needs improvement". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NowSecure is most compared with Veracode, Data Theorem API Secure , GitLab and Acunetix.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
