What is the biggest difference between Veracode and Checkmarx?

  • 6
  • 286
PeerSpot user

6 Answers

Russell Rothstein - PeerSpot reviewer
Jan 29, 2020

JaeLee, check out our comparison page hereof Veracode vs Checkmarx: https://www.itcentralstation.c...

Checkmarx is ranked 4th, while Veracode is ranked 1st with 39 reviews. Checkmarx is rated 8.0, while Veracode is rated 8.2. 

The top reviewer of Checkmarx writes "Works well with Windows servers but no Linux support and takes too long to scan files". 

On the other hand, the top reviewer of Veracode writes "Enables us to automatically submit each new build for scanning and get results directly into our JIRA". 

Checkmarx is most compared with SonarQube, Veracode and Micro Focus Fortify on Demand, whereas Veracode is most compared with SonarQube, Checkmarx and Micro Focus Fortify on Demand.

Product comparison that may be of interest to you
Apr 24, 2020

Veracode has offered a dynamic analysis testing solution for several years, having launched our first offering in 2015. Veracode’s DAST product line offers the ideal solution to find all of the sites on your web perimeter, including the ones that you did not know about, and run a comprehensive DAST scan of the websites you are securing. Veracode Dynamic Analysis scans Single Page Apps and apps built with Angular and React Vue.js frameworks. Veracode Dynamic Analysis provides scanning automation to configure, schedule, and kick-off scans using REST APIs. We offer integrations with Jira and Jenkins to help streamline your processes. While we are new entrants into the IAST market, we’re confident that Veracode Interactive Analysis can meet the needs of the market. Veracode’s IAST product installs in the pipeline with a lightweight, multi-language agent that delivers high-quality results. Veracode Interactive Analysis covers multiple languages to simplify CICD tooling and adds only 3% to pipeline timelines.

Real User
Feb 4, 2020

In order to run correctly, Veracode needs executables compiled with debug, that is not so different from having source code, but configuration files checking will be excluded from the analysis. The quality of detections of CheckMarx is superior, as well as the number of supported programming languages. Further, the Veracode company's stability was recently mined by a further recent acquisition. Between those products I haven't any doubt to choose Checkmarx

it_user1162671 - PeerSpot reviewer
Feb 4, 2020

Veracode is very new in DAST and IAST, Checkmarx is offering that since longer time and is more experienced.

Feb 2, 2020

Checkmarx can be deploy on private , Veracode only support the Saas Model . But in China I think that is better for Appscan which include black box and white box function . Any question can contact SYSTIME CHINA . (Apple@systime.com.cn)

Jan 28, 2020


Find out what your peers are saying about Checkmarx vs. Veracode and other solutions. Updated: November 2023.
746,635 professionals have used our research since 2012.
Checkmarx vs. Veracode comparison
We performed a comparison between Checkmarx vs.Veracode based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below. Ease of Deployment: Users note that both products are very straightforward and simple to set up. A few Veracode users mention slight complexity. Features: Users of both products are happy with their flexibility, stability, and scalability, although a few Checkmarx users note instances with bugs.Checkmarx users are...
Download Checkmarx vs. Veracode comparison ReportRead more

Related Q&As