Best Software for 2025 is now live!
Show rating breakdown
Save to My Lists
Claimed
Claimed

Top Rated Checkmarx Alternatives

Checkmarx Reviews & Product Details

Checkmarx Overview

What is Checkmarx?

Checkmarx is constantly pushing the boundaries of Application Security (AppSec) Testing to make security seamless and simple for the world’s developers while giving CISOs the confidence and control they need. As the AppSec testing leader, Checkmarx provides the industry’s most comprehensive AST platform, Checkmarx One, that provides developers and security teams with unparalleled accuracy, coverage, visibility and guidance to reduce risk across all components of modern software—including proprietary code, open source, APIs and infrastructure as code. More than 1,800 customers, including half of the Fortune 50, trust Checkmarx security technology, expert research, and global services to securely optimize development at speed and scale.

Checkmarx Details
Show LessShow More
Product Description

Identify software security vulnerabilities & fix them

How do you position yourself against your competitors?

Checkmarx offers developer-friendly, auditor-friendly and CISO-friendly application security solutions that are easy to get up-and-running and integrate well with other tools used in your SDLC. By implementing CxSAST throughout your SDLC, security testing can be better planned and simply executed.


Seller Details
Year Founded
2006
HQ Location
Paramus, NJ
Twitter
@Checkmarx
7,213 Twitter followers
LinkedIn® Page
www.linkedin.com
902 employees on LinkedIn®

IB
Overview Provided by:

Recent Checkmarx Reviews

Verified User
A
Verified UserEnterprise (> 1000 emp.)
4.5 out of 5
"Brilliant Code to Cloud Application"
Is so user friendly and it is very easy to become familiar with all the numerous features. Although I wasn't around for the implementation, I've f...
Abhineet S.
AS
Abhineet S.Mid-Market (51-1000 emp.)
5.0 out of 5
"Best in class SAST solution in the market"
I like the SAST-ification thing in overall, it is having all offering varies from source code scans to sca, to license scanning and does a great jo...
Verified User
U
Verified UserSmall-Business (50 or fewer emp.)
4.0 out of 5
"Innovative"
This is a very innovative company. The product is safe.
Security Badge
This seller hasn't added their security information yet. Let them know that you'd like them to add it.
0 people requested security information

Checkmarx Media

Checkmarx Demo - Best Fix Location
CxSAST's Best Fix Location offers the most efficient place to remediate code to fix as many vulnerabilities as possible with one code change.
Checkmarx Demo - Checkmarx Reporting
Simple, user-friendly reporting for all your analytical needs.
Answer a few questions to help the Checkmarx community
Have you used Checkmarx before?
Yes

35 Checkmarx Reviews

4.2 out of 5
The next elements are filters and will change the displayed results once they are selected.
Search reviews
Popular Mentions
The next elements are radio elements and sort the displayed results by the item selected and will update the results displayed.
Hide FiltersMore Filters
The next elements are filters and will change the displayed results once they are selected.
The next elements are filters and will change the displayed results once they are selected.
35 Checkmarx Reviews
4.2 out of 5
35 Checkmarx Reviews
4.2 out of 5

Checkmarx Pros and Cons

How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Cons

Overall Review Sentiment for CheckmarxQuestion

Time to Implement
<1 day
>12 months
Return on Investment
<6 months
48+ months
Ease of Setup
0 (Difficult)
10 (Easy)
Log In
Want to see more insights from verified reviewers?
Log in to view review sentiment.
G2 reviews are authentic and verified.
Verified User in Retail
AR
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Verified Current User
Review source: G2 Gives Campaign
Incentivized Review
What do you like best about Checkmarx?

Is so user friendly and it is very easy to become familiar with all the numerous features. Although I wasn't around for the implementation, I've found that it is relatively straightforward to integrate further functionality. The Scanning tools (IaC, SAST, SCA, API etc.) are all excellent and provide us with all the staus and visibility that we require. If we ever have issues that can't be resolved the Customer Support team at Checkmarx always are there to help us out. Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

The dahsboards layour and display could be improved. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Checkmarx is being used mainly for the scanning and checking of code before it makes the journey to the Cloud (AWS). We are using it to look at all the languages and frameworks that we have in our Tech/Data Stack that are incorporated into our IT Landscape. One of the main benefits is that it allows our developers to identify, detect and remediate vulnerabilities at source. It also allows them to edit queries easily and quickly. Review collected by and hosted on G2.com.

Abhineet S.
AS
Senior Consultant - I
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
(Original )Information
What do you like best about Checkmarx?

I like the SAST-ification thing in overall, it is having all offering varies from source code scans to sca, to license scanning and does a great job finding vulnerabilities. It is easy to use and visually easy to look around for the bugs. Similarly very optimized so that we can integrate with the CI/CD pipelines Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

The cost acquiring in all of the modules is pretty high. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Solving major bugs right from the code by applying shift left approach in an easier way. Review collected by and hosted on G2.com.

TM
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Review source: Organic
What do you like best about Checkmarx?

UI implementations are really good (Data Flow Matrixes)

suggestions are provided for the most suitable place to fix a set of vulnerabilities.

Most of the integrations are working seamlessly Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

Support service is getting delayed sometimes

Some of the findings tend to be false positives

Scanning time is slow when compared with other tools.

Some of the IDE integrations aren't working as intended. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Checkmarks provided a lot of visibility to our development cycles. It has the capability to scan the entire GitHub or scan a specific branch. Using the Checkmarks tool we were able to stop major vulnerabilities appears in production. Review collected by and hosted on G2.com.

Verified User in Computer & Network Security
UC
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Review source: Organic
What do you like best about Checkmarx?

Integration with CI/CD is pretty fetatureful. Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

High number of false positives unless you carefully tailor it to each project. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Automatic CI/CD SAST testing before each new feature or release. Review collected by and hosted on G2.com.

sanjay s.
SS
Security Analyst
Small-Business(50 or fewer emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
(Original )Information
What do you like best about Checkmarx?

Checkmarx Tool Scans the code pretty well. Gives accurate results in-depth analysis can be done because checkmarx provides Flow of code from source till the values getting executed Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

Checkmarx reports false positives issues a lot. If it's a big application code base it's tough to control the number of false positive issues to analyse.Reporting can also be improved Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Checkmarx tool has Library scanning as well. It gives accurate results in reporting Vulnerable libraries. Accuracy has been spot on when it comes to reporting Library issues Review collected by and hosted on G2.com.

Pankaj W.
PW
Specialist - Information Security
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
(Original )Information
What do you like best about Checkmarx?

The most valuable features are the easy to understand interface, and it 's very user-friendly. Reduce the code using cxsast plugin. It will scan code line by line and find most of vulnerabilities. Very easy to use. Vulnerability report is awesome. Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

UI should update. Reduce the false positive. Please upgrade rules set to avoid the false positive. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

It will find the vulnerabilities like SQL injection, cross site scripting, command injection, Xxe etc vulnerabilities. Scan speed is very good. We can review the issue easily. Review collected by and hosted on G2.com.

Sujeet S.
SS
Technology Lead
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Verified Current User
Review source: G2 invite
Incentivized Review
What do you like best about Checkmarx?

Checkmarx has an impressive Codebashing feature that has the edge over SonarQube. The application tracking-reporting feature is good too. I like the "delta-scan" feature as it is really good for cases when there are very frequent scans needed (e.g. with every major code commit, we don't want the entire source code scan to happen again). Having used both tools extensively (SonarQube and Checkmarx), I prefer Checkmarx overall. Checkmarx also fares better compared to peers when it comes to finding any vulnerabilities within the database. Since ours is a user-information driven applicaiton, it becomes even more imminent to identify the data-specfic vulnerabilities at the earliest. Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

Dashboarding could be better. The UI to show the current issue and the descriptive/suggestive text for the potential fix could be more "obvious" to the end-users. SonarQube scores over checkmarx in this regard.

Also, dashboarding could provide a little more flexibility towards the creation of new widgets.

One ore thing that I disliked about Checkmarx is that I could not find a free version in the market. Even for making an initial comparison, I had to contact the sales rep (the sales rep were pretty quick to respond, though). Review collected by and hosted on G2.com.

Recommendations to others considering Checkmarx:

Check your organization's needs. Checkmarx is comparitively expensive, and there is no free edition to try out first, as far as I know. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Static code analysis helps identify AppSec related issues at the earliest. Also, integration with the CICD pipeline ensures quality gating.

Ours is new product development in the earlier stages, and checkmarx is truly helping us by providing the developers and early insight into what could be done "right" from the beginning and instill a culture of finding issues at the earlier stage of development. Review collected by and hosted on G2.com.

Verified User in Higher Education
UH
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
What do you like best about Checkmarx?

Easy to scan any application to find any security threats Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

After marking false positives still, sometimes it shows the same issue as a security issue as high or critical. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Security vulnerabilities scan for application. Yes, it helps be updated with Jars helping to escape being hacked. Review collected by and hosted on G2.com.

Verified User in Investment Banking
UI
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: Organic
What do you like best about Checkmarx?

It identifies all the security vulnerabilities making your code secure than ever before. It also categorises the vulnerability into different categories based on the risk associated. Can be easily integrated with your CI pipeline to have you code scan with every build Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

We can have a more better and user friendly UI to go through the report. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

Identifying the vulnerability before the code goes into production so that all the risks can be mitigated and we don't have to worry about it once code gets live Review collected by and hosted on G2.com.

Verified User in Banking
UB
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
What do you like best about Checkmarx?

The best features of Checkmarx are:

1) Open Source vulnerability scanner

2) Integration with multiple Ci/CD orchestration tools

3) Real-time reporting of static code vulnerabilities Review collected by and hosted on G2.com.

What do you dislike about Checkmarx?

I feel the Jenkins code snippet of Checkmarx is a bit complex, and it could be a lot simpler. Review collected by and hosted on G2.com.

What problems is Checkmarx solving and how is that benefiting you?

We have enabled SAST in our CI/CD pipelines using Checkmarx. It saves a lot of time as the integration of Checkmarx with our CI/CD orchestration tool achieves maximum automation and reduces the time significantly. Review collected by and hosted on G2.com.