# Checkmarx Reviews **Vendor:** Checkmarx **Category:** [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast) **Average Rating:** 4.2/5.0 **Total Reviews:** 36 ## About Checkmarx Checkmarx is a type of application security solution designed to help organizations safeguard their software development processes while enhancing efficiency and reducing costs. The Checkmarx One platform stands out in the realm of enterprise-grade security, offering comprehensive protection that addresses the complexities of modern software development, including legacy systems and AI-generated code. By scanning trillions of lines of code annually, Checkmarx enables companies to significantly lower their vulnerability density, ensuring a robust defense against potential threats. The platform is particularly beneficial for software development teams, security professionals, and organizations that prioritize secure coding practices. With the increasing reliance on AI technologies and the rapid pace of software development, Checkmarx One provides essential tools to mitigate risks associated with both traditional and emerging programming languages. Its innovative architecture, powered by autonomous security agents and AI-native intelligence, allows organizations to integrate security seamlessly into their development workflows, thereby accelerating development velocity without compromising on safety. Key features of Checkmarx One include Triage Assist, which employs an autonomous AI agent to prioritize vulnerabilities based on real-world exploitability and contextual risk. This feature empowers teams to concentrate their efforts on the most critical issues rather than getting bogged down by static severity scores. Additionally, Remediation Assist generates review-ready fixes for validated vulnerabilities prior to code merges, streamlining the secure delivery process and minimizing the manual overhead typically associated with remediation tasks. Developer Assist is another notable feature, acting as a standalone security agent that identifies risks during the coding process. By providing safe, explainable, and verified fixes directly within the integrated development environment (IDE), it supports developers in maintaining a stable and rapid development pace. Furthermore, the platform includes AI Supply Chain Security, which offers centralized governance and visibility for AI components embedded in applications, ensuring that hidden AI assets are discovered and managed effectively. Lastly, Checkmarx One incorporates advanced analysis engines such as AI SAST and DAST for AI, which enhance security measures across various environments. The AI SAST feature expands detection capabilities to cover emerging and unsupported programming languages, while the DAST for AI strengthens runtime protection in continuous integration and deployment (CI/CD) settings. Together, these features position Checkmarx One as a comprehensive solution for organizations looking to fortify their software development lifecycle against evolving threats. ## Checkmarx Pros & Cons **What users like:** - Users find Checkmarx's implementation to be **straightforward and user-friendly** , facilitating seamless integration with existing repositories. (2 reviews) - Users commend the **intuitive user interface** of Checkmarx, facilitating easy navigation and effective security reviews. (2 reviews) - Users appreciate the **accuracy of results** from Checkmarx, benefiting from detailed insights and intuitive guidance for fixing vulnerabilities. (1 reviews) - Users find Checkmarx's **automation testing** efficient for security reviews, with intuitive UI and helpful vulnerability insights. (1 reviews) - Users commend Checkmarx for its **exceptional customer support** , always ready to assist with any unresolved issues. (1 reviews) - Dashboard Usability (1 reviews) - Deployment (1 reviews) - Users find Checkmarx to be **very easy to use** , quickly familiarizing themselves with its numerous features and functionalities. (1 reviews) - Users find **easy integrations** with Checkmarx enhance functionality, making it simple to utilize its many features. (1 reviews) - Easy Setup (1 reviews) **What users dislike:** - Users find Checkmarx generates a large amount of **false positives** for Kotlin projects, affecting development efficiency. (1 reviews) - Users report **inadequate support for Kotlin** in Checkmarx, leading to a significant number of false positives. (1 reviews) - Users express frustration over the **missing support for Kotlin** , leading to numerous false positives in project reports. (1 reviews) - Users feel the **poor navigation** of Checkmarx hampers their ability to efficiently use the dashboards. (1 reviews) ## Checkmarx Discussions - [What is Checkmarx used for?](https://www.g2.com/discussions/checkmarx-what-is-checkmarx-used-for) - 1 comment, 1 upvote - [Which testing method does Checkmarx support?](https://www.g2.com/discussions/which-testing-method-does-checkmarx-support) - 1 comment - [Does Checkmarx support DAST?](https://www.g2.com/discussions/does-checkmarx-support-dast) - 1 comment - [What is Checkmarx used for?](https://www.g2.com/discussions/what-is-checkmarx-used-for) - 2 comments - [View Checkmarx pricing details and edition comparison](https://www.g2.com/products/checkmarx/reviews?page=3&qs=pros-and-cons§ion=pricing&secure%5Bexpires_at%5D=2026-05-16+19%3A18%3A54+-0500&secure%5Bsession_id%5D=4ef1e2f1-0627-4b60-addb-c6478f3d3f01&secure%5Btoken%5D=c693aadcac463f5563814ef3d2a80f830a5ca35c795132fe7306ce66d6def852&format=llm_user) ## Checkmarx Integrations - [TeamCity](https://www.g2.com/products/teamcity/reviews) ## Checkmarx Features **Administration** - API / Integrations - Extensibility **Administration** - API / Integrations - Extensibility **Documentation** - Feedback - Prioritization - Remediation Suggestions **Agentic AI - Static Code Analysis** - Adaptive Learning - Natural Language Interaction - Proactive Assistance **Performance - AI AppSec Assistants** - Remediation - Real-time Vulnerability Detection - Accuracy **Analysis** - Reporting and Analytics - Issue Tracking - Static Code Analysis - Code Analysis **Analysis** - Reporting and Analytics - Issue Tracking - Static Code Analysis - Vulnerability Scan - Code Analysis **Security** - False Positives - Custom Compliance - Agility **Integration - AI AppSec Assistants** - Stack Integration - Workflow Integration - Codebase Contextual Awareness **Testing** - Command-Line Tools - Manual Testing - Test Automation - Compliance Testing - Black-Box Scanning - Detection Rate - False Positives **Testing** - Manual Testing - Test Automation - Compliance Testing - Black-Box Scanning - Detection Rate - False Positives **Agentic AI - Interactive Application Security Testing (IAST)** - Autonomous Task Execution **Agentic AI - Static Application Security Testing (SAST)** - Autonomous Task Execution ## Top Checkmarx Alternatives - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) - 3.8/5.0 (24 reviews) - [SonarQube](https://www.g2.com/products/sonarqube/reviews) - 4.4/5.0 (139 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) - 4.5/5.0 (874 reviews)