4.6 out of 5 (17 Ratings)
Dec 15, 2016
CheckMarx perfectly aligns with requirements of centralized cross-product application security team responsible for 100s of products/applications.
Dec 8, 2016
The product works well and is certainly of benefit, but I find that intricate issues can take a while for support to acknowledge and create fixes for.
Nov 22, 2016
Great Partnership and focussed effort to help us automate SAST capabilities at organizational scale
Nov 17, 2016
Experienced some deployment and licensing hiccups, upgrade surprises and some interesting desktop software behavior, but overall I feel it's working better than the previous solution we had implemented.
Nov 17, 2016
Very good experience with the breadth of issues and explanations about remediation steps.
Oct 13, 2016
We run PoC and found that Checkmarx was better than Fortify and IBM App Scan, also better audit experience. Installation was easy and it uses resources more efficiently (DB/disk)
Oct 12, 2016
Product fulfills requirements, good support, and relationship to the company.
Sep 14, 2016
We are very satisfied with the features offered by the tool and the reactivity of Checkmarx.
Sep 6, 2016
We compared the CxSAST (Checkmarx Static Analysis Suite) against solutions from Fortify and Coverity. We found that CxSAST was better than Fortify and on-par with Coverity in terms of out-of-the-box performance, however the impressive programmability of the CxSAST, much broader programming language support, and their rapid-release process made them the clear winner. Once we purchased, we were happy with the responsiveness of support, speed of fixing issues, and their local support representatives. The product continues to rapidly involve and impress. The UI has been greatly improved. The plugins allowing integration with third party services are a significant value add. Areas that need improvement: The software only works in windows environment and requires an MS SQL database that must be separately purchased, two things that no other product in this space requires and which add cost to deploying the solution over the use of free operating systems and open source databases that are bundled. The installation process when performing non-standard installs is high tough, as it requires manually editing multiple configuration xml files on different hosts. There is also some paranoia: the licensing restrictions are excessive for no apparent reason. E.g. things like the number of company managers are not actually paid for but are restricted on a per-license basis, so they must be accurately scoped in advance and are difficult to change without going contacting support and obtaining a new license, even though sales are not made on the basis of how many company managers there are. To download the zip file to obtain updates requires entering a password that must first be requested by support, making this process also high touch.
Aug 30, 2016
Product technology is solid and fits our needs.