
CheckMarx

4.1
(21)

Identify software security vulnerabilities & fix them


CheckMarx Reviews

Showing 21 CheckMarx reviews
CheckMarx review by Hatim B.
Hatim B.
Validated Reviewer
Verified Current User
Review Source

"A useful SAST tool to improve maturity in IT security"

What do you like best?

Our choice of Checkmarx as a static code audit tool was done after a long reflection. The richness in terms of languages and the customization of the presets were determinants. We were accompanied at first by a very competent editor team. Today, the use of the tool is unavoidable. We use it both as an integrated tool in our IDEs but also when building in our continuous integration platform. It is also at the hand of the security team to audit code delivered by an external service provider.

We also appreciate the possibility of modifying but also creating new rules to eliminate false positives.

The tool is also rich in terms of indicators and charts. It provides a dashboard that makes it easy to track application risk level scores over time and provides management with comprehensive reports. The details of the vulnerabilities detected and the description of the corrections allow the development teams to correct the vulnerabilities but also to learn about the security of the coding.

What do you dislike?

At each audit, the number of false positives is high. But this is a defect specific to SAST tools. Knowledge of the business specificities of the application is necessary to personalize the presets to eliminate false positives.

This tool is a step in the security audit process; it must be completed by DAST and IAST audits.

Recommendations to others considering the product

We highly recommend this tool. We have already recommended the tool at our group level. The cost-effectiveness ratio is interesting.

What business problems are you solving with the product? What benefits have you realized?

We use this tool in a bank-insurance information system. Business requirements are high. Checkmarx has helped us improve the maturity of our IT security in order to gain the confidence of our business.

CheckMarx review by Sahil M.
Sahil M.
Validated Reviewer
Review Source

"CheckMarx review"

What do you like best?

This is an excellent tool to write secure code and follow best practices. I like that it gives a detailed overview of the issue in your static code and also provides ways to solve it. It attributes a risk profile to each issue and this way you can solve the ones with high priority first.

What do you dislike?

The document generated can sometimes be too verbose and you can lose track of what issues to solve. Sometimes even if you have solved all the issues, re-running the report does not ensure a count of zero.

Recommendations to others considering the product

This works great with Java; you should definitely include this in your technology portfolio.

What business problems are you solving with the product? What benefits have you realized?

We use this as a code quality indicator, the tool helps us write efficient and secure code, benefits include fewer bugs due to poor quality code.

CheckMarx review by Martin D.
Martin D.
Validated Reviewer
Review Source

"Very easy to use tool for improving security"

What do you like best?

The tool uses your credentials to generate a report, and that report is very comprehensive yet very easy to understand; it makes it very easy to solve potential security issues.

What do you dislike?

The report generated by CheckMarx always contains a lot of false positives or duplicated positives, making it bigger than it should be, although to be fair it would not be easy to develop a tool that analyses code so thoroughly without displaying a fair amount of duplicates.

What business problems are you solving with the product? What benefits have you realized?

Performing security reviews of my project's code. It gives the user a comprehensive look into the potential security risks and the explanation of such risks, which is helpful for people like me who are not security experts.

CheckMarx review by Administrator in Automotive
Administrator in Automotive
Validated Reviewer
Review Source

"Great scanning tool for code "

What do you like best?

We use this tool to scan our code for vulnerabilities. It is a great tool because it can be run against our code base and it lists out the vulnerabilities. This has reduced our time for manual code reviews by quite some time. Also, it helps us set a code quality standard. We have implemented this as part of our software development cycle. The new developers that come on board can look at previous scans and learn our coding standards and follow that as part of our coding policy.

What do you dislike?

There can be many false positives. Since the tool is automated it doesn't understand some of the code logic and why it was written in a certain way.

Recommendations to others considering the product

Be aware of false positives. Other than that, it's a great tool to scan your code base.

What business problems are you solving with the product? What benefits have you realized?

It helps us automate the code review process and catches code vulnerabilities. We have saved time on code reviews by running the code against this tool first.

CheckMarx review by User in Financial Services
User in Financial Services
Validated Reviewer
Review Source

"Great for finding overlooked or unthought of issues"

What do you like best?

I like the way that the Checkmarx report provides a detailed account of all potential vulnerabilities and then provides examples of how the issue can be fixed. This is very helpful when it comes to trying to resolve all issues.

What do you dislike?

As with anything automated, some issues that are found are just non-issues. We use several different security gating products like Checkmarx and I would say that it is less often incorrect than the others.

Recommendations to others considering the product

It is a good way to catch potential vulnerabilities in your code. With a large code base and many contributors this can be next to impossible if you rely on manual methods (i.e. code review).

What business problems are you solving with the product? What benefits have you realized?

We are making our application more secure and staying in the know about new threats and vulnerabilities.

CheckMarx review by Dev B.
Dev B.
Validated Reviewer
Verified Current User
Review Source

"Best software purchase we ever made."

What do you like best?

Really easy to use and the level of detail you can access is amazing.

What do you dislike?

The Cost, it is not cheap, but not good rarely is.

What business problems are you solving with the product? What benefits have you realized?

Static Code Scan for PCI

CheckMarx review by Raju K.
Raju K.
Validated Reviewer
Review Source

"Best security tool "

What do you like best?

We used the tool to find security flaws in our software. It helped us to find cross-site scripting bugs in an easy way.

What do you dislike?

When we integrate with Jenkins, the report sent by CheckMarx is not easily readable.

What business problems are you solving with the product? What benefits have you realized?

Security

Code Analysis

Cross-site scripting

SQL injections

CheckMarx review by vidya vignan c.
vidya vignan c.
Validated Reviewer
Review Source

"We use it for checking the test cases"

What do you like best?

Automation has been much easier with Checkmarx.

What do you dislike?

Even if 1 test fails, it shows everything as failed.

What business problems are you solving with the product? What benefits have you realized?

Automation is the main purpose of our use.

CheckMarx review by Shebin P.
Shebin P.
Validated Reviewer
Review Source

"Code quality using Checkmarx"

What do you like best?

It gives suggestions of technical issues correctly.

What do you dislike?

It's a little confusing with existing code bases.

Recommendations to others considering the product

Better in finding code issues.

What business problems are you solving with the product? What benefits have you realized?

Better code quality is obtained using Checkmarx.

CheckMarx review by User in Internet
User in Internet
Validated Reviewer
Review Source

"A really great way to run security tests"

What do you like best?

I was working on a project for Salesforce and needed to test my code and running CheckMarx against the code helped me get my development done faster and done right.

What do you dislike?

The specific documentation for APEX is a little hard to parse but it helps point out where you need to look.

What business problems are you solving with the product? What benefits have you realized?

We needed to test our APEX code and needed to make sure it was as secure as possible.

CheckMarx review by Administrator in Media Production
Administrator in Media Production
Validated Reviewer
Review Source

"Super easy to install!"

What do you like best?

Easy installation and rollout; it performs thorough scans across most, if not all, languages.

What do you dislike?

The work-layout requires a full screen, and like four windows. It's not something you can do passively because it takes the whole screen.

What business problems are you solving with the product? What benefits have you realized?

Strengthening security by making the code airtight. And making cleaning the code provides many pluses, in general.

CheckMarx review by Prashanth M.
Prashanth M.
Validated Reviewer
Review Source

"Good App"

What do you like best?

Highly recommend Checkmarx in this current trend.

What do you dislike?

Not having an option to choose personal email.

What business problems are you solving with the product? What benefits have you realized?

Analytics

CheckMarx review by User in Government Administration
User in Government Administration
Validated Reviewer
Review Source

"Innovative"

What do you like best?

This is a very innovative company. The product is safe.

What do you dislike?

Customer service is not so great. It takes a while for them to return your call.

Recommendations to others considering the product

Consider it. Nothing to lose. If you do not like it, switch to something else.

What business problems are you solving with the product? What benefits have you realized?

It is good for network security.

CheckMarx review by Consultant in Information Technology and Services
Consultant in Information Technology and Services
Validated Reviewer
Review Source

"Checkmarx code scanner for Salesforce"

What do you like best?

Fast code scanning capability and to the point recommendation.

What do you dislike?

Many false positive scenarios are provided in results when scanning is done for Apex code.

Recommendations to others considering the product

Easy to use for code scanning of Force.com

What business problems are you solving with the product? What benefits have you realized?

Salesforce code security issues. Ability to find major security issues and recommendation to fix them

CheckMarx review by Administrator in Food Production
Administrator in Food Production
Validated Reviewer
Review Source

"Not bad but could be better "

What do you like best?

The software is responsive; it is very dynamic and very thorough. If you need a dynamic system, look here.

What do you dislike?

Sometimes when you most need a part to save it is sometimes slow.

Recommendations to others considering the product

Buy it

What business problems are you solving with the product? What benefits have you realized?

Integrity, allows us to finish our job right.

CheckMarx review by Consultant in Information Technology and Services
Consultant in Information Technology and Services
Validated Reviewer
Review Source

"Great for Code Reviews"

What do you like best?

Reviews APEX code and most security/code scanners do not

What do you dislike?

Results take a few minutes to return, not a huge issue but if you are in a time crunch you never know when they will arrive :)

What business problems are you solving with the product? What benefits have you realized?

Providing reassurance to our customers

CheckMarx review by Administrator in Renewables & Environment
Administrator in Renewables & Environment
Validated Reviewer
Review Source

"Spying on Salesforce inhouse Source "

What do you like best?

Static analysis & Apex Overview of unpackaged code

What do you dislike?

Cost is a big concern and frequent analysis could be better if cost is not a concern.

What business problems are you solving with the product? What benefits have you realized?

Threat identification in our custom code.

Security requirements review.

CheckMarx review by User in Financial Services
User in Financial Services
Validated Reviewer
Review Source

"Good and practical"

What do you like best?

Checkmarx has a lot of pros: easy to deploy and integrates well in the SDLC, broad coverage of language support.

What do you dislike?

Very high number of false positives takes longer time to triage.

What business problems are you solving with the product? What benefits have you realized?

Securing SDLC.

CheckMarx review by User
User
Validated Reviewer
Review Source

"Checkmarx for security scan of code base"

What do you like best?

Recommendations provided are easy to understand and actionable insights

What do you dislike?

too many false positive results while scanning code

Recommendations to others considering the product

Good tool to use for code scanning for beginners

What business problems are you solving with the product? What benefits have you realized?

Code best practices

CheckMarx review by Administrator in Medical Devices
Administrator in Medical Devices
Validated Reviewer
Review Source

"Great security software"

What do you like best?

Application Security testing and the testing UI

What do you dislike?

Still needs the break even analysis for the cases

What business problems are you solving with the product? What benefits have you realized?

Application software vulnerabilities and workflow needed

CheckMarx review by Administrator
Administrator
Validated Reviewer
Review Source

"nice "

What do you like best?

providing the scan report in multiple formats

What do you dislike?

integrating with build tools is not fun

What business problems are you solving with the product? What benefits have you realized?

scanning the vulnerabilities in source code

* We monitor all CheckMarx reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.