Sign in
Sign in
or
Create a new account
Agent Mode
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Checkmarx One

Checkmarx

Reviews from AWS customer

4 AWS reviews
  • 5 star
    0
  • 4 star
    4
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

51 reviews
from and

External reviews are not included in the AWS star rating for the product.

4-star reviews ( Show all reviews )

    Banking

Checkmarx : Enable SAST for CI/CD Effortlessly

  • September 23, 2021
  • Review provided by G2

What do you like best about the product?
The best features of Checkmarx are:
1) Open Source vulnerability scanner
2) Integration with multiple Ci/CD orchestration tools
3) Real-time reporting of static code vulnerabilities
What do you dislike about the product?
I feel the Jenkins code snippet of Checkmarx is a bit complex, and it could be a lot simpler.
What problems is the product solving and how is that benefiting you?
We have enabled SAST in our CI/CD pipelines using Checkmarx. It saves a lot of time as the integration of Checkmarx with our CI/CD orchestration tool achieves maximum automation and reduces the time significantly.

    Sujeet S.

Impressed with the Codebashing platform and AppSec awareness

  • June 25, 2021
  • Review provided by G2

What do you like best about the product?
Checkmarx has an impressive Codebashing feature that has the edge over SonarQube. The application tracking-reporting feature is good too. I like the "delta-scan" feature as it is really good for cases when there are very frequent scans needed (e.g. with every major code commit, we don't want the entire source code scan to happen again). Having used both tools extensively (SonarQube and Checkmarx), I prefer Checkmarx overall. Checkmarx also fares better compared to peers when it comes to finding any vulnerabilities within the database. Since ours is a user-information driven applicaiton, it becomes even more imminent to identify the data-specfic vulnerabilities at the earliest.
What do you dislike about the product?
Dashboarding could be better. The UI to show the current issue and the descriptive/suggestive text for the potential fix could be more "obvious" to the end-users. SonarQube scores over checkmarx in this regard.
Also, dashboarding could provide a little more flexibility towards the creation of new widgets.
One ore thing that I disliked about Checkmarx is that I could not find a free version in the market. Even for making an initial comparison, I had to contact the sales rep (the sales rep were pretty quick to respond, though).
What problems is the product solving and how is that benefiting you?
Static code analysis helps identify AppSec related issues at the earliest. Also, integration with the CICD pipeline ensures quality gating.
Ours is new product development in the earlier stages, and checkmarx is truly helping us by providing the developers and early insight into what could be done "right" from the beginning and instill a culture of finding issues at the earlier stage of development.
Recommendations to others considering the product:
Check your organization's needs. Checkmarx is comparitively expensive, and there is no free edition to try out first, as far as I know.

    Information Technology and Services

Good and very useful sast tool

  • June 27, 2019
  • Review provided by G2

What do you like best about the product?
The report generated by this tool is comprehensive and easy to understand
It has good charts
What do you dislike about the product?
The report some times have false positives and duplication
What problems is the product solving and how is that benefiting you?
Performing security testing using this tool

    Banking

Great application for Software security

  • October 23, 2018
  • Review provided by G2

What do you like best about the product?
Results are pretty good with CheckMarx. This tool is helpful to build secure source code. CheckMarx scan report gives detailed view of each issue and flowchart is given for the variables which might cause security threat. Code scanning is fast.
What do you dislike about the product?
Sometimes reports generated by the CheckMarx scan contain lot of false positive issues even though code is designed in a way that ensures security. This decreases the readability of the reports.
What problems is the product solving and how is that benefiting you?
Sotware application is tested using CheckMarx.
Benefits:
1. Secure code development and best coding practices
2. Possible vulnerabilities and threats identification to assure software quality
3.
Recommendations to others considering the product:
Great tool designed for security scan.

    Financial Services

Great for finding overlooked or unthought of issues

  • September 30, 2018
  • Review provided by G2

What do you like best about the product?
I like the way that the checkmarx report provides a detailed account of al potential vulnerabilities and then provides examples of how the issue can be fixed. This is very helpful when it comes to trying to resolve all issues.
What do you dislike about the product?
As with anything automated, some issues that are found are just non-issues. We use several different security gating products like Checkmarx and I would say that it is less often incorrect than the others.
What problems is the product solving and how is that benefiting you?
We are making our application more secure and staying in the know about new threats and vulnerabilities.
Recommendations to others considering the product:
It is a good way to catch potential vulnerabilities in your code. With a large code base and many contributors this can be next to impossible if you rely on manual methods (ie. code review).

    vidya vignan c.

We use it for checking the test cases

  • August 30, 2018
  • Review provided by G2

What do you like best about the product?
Automation has been much more easier with the checkmarx
What do you dislike about the product?
Even if 1 test fails it shows the everything as failed
What problems is the product solving and how is that benefiting you?
Automation is the main purpose of our use.

    Shebin P.

Code quality using Checkmarx

  • August 11, 2018
  • Review provided by G2

What do you like best about the product?
It gives suggestions of technical issues correctly.
What do you dislike about the product?
Its a little confusing with existing code bases.
What problems is the product solving and how is that benefiting you?
Better code quality is obtained using Checkmarx.
Recommendations to others considering the product:
Better in finding code issues.

    Martin D.

Very easy to use tool for improving security

  • January 18, 2018
  • Review provided by G2

What do you like best about the product?
The tool uses your credentials to generate a report and that report is very comprehensive, yet very easy to understand, it makes very easy to solve potential security issues.
What do you dislike about the product?
The report generated by CheckMarx always contains a lot of false positives or duplicated positives, making it bigger than it should, although to be fair it would not be easy to develop a tool that analyses code so thoroughly without displaying a fair amount of duplicates.
What problems is the product solving and how is that benefiting you?
Performing security reviews of my project's code. It gives the user a comprehensive look into the potential security risks and the explanation of such risks which is helpfull for people like me who is not a security expert.

    Media Production

Super easy to install!

  • January 11, 2018
  • Review provided by G2

What do you like best about the product?
Easy installation and rollout, it performs thorough scans across most, if not all all, languages.
What do you dislike about the product?
The work-layout requires a full screen, and like four windows. It''s not something you can do passively because it takes the whole screen.
What problems is the product solving and how is that benefiting you?
Strengthening security by making the code airtight. And making cleaning the code provides many pluses, in general.

    Sahil M.

CheckMarx review

  • January 05, 2018
  • Review provided by G2

What do you like best about the product?
This is an excellent tool to write secure code and follow best practices. i like that it gives a detailed overview of the issue in your static code and also provides ways to solve it. It attributes a risk profile to each issue and this way you can solve the ones with high priority first.
What do you dislike about the product?
The document generated can sometimes be too verbose and you can loose track of what issues to solve. Sometimes even if you have solved all the issues, re-running the report does not ensure a count of zero.
What problems is the product solving and how is that benefiting you?
We use this as a code quality indicator, the tool helps us write efficient and secure code, benefits include fewer bugs due to poor quality code.
Recommendations to others considering the product:
This works great with Java, you should definitely include this in your technology portfolio

showing 21 - 30