We performed a comparison between Checkmarx One and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"It has all the features we need."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"The most valuable feature is the simple user interface."
"The SAST component was absolutely 100% stable."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"I have found the most valuable features of GitLab are the GitClone, GitPush, GitPull, GitMatch, GitMit, GitCommit, and GitStatus."
"The most valuable feature of GitLab is the automatic merging of code."
"It is very flexible and easy because you can store data on cloud."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"Of all available products, it was the easiest to use and easy to install."
"CI/CD is valuable for me."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"The solution makes the CI/CD pipelines easy to execute."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"The solution sometimes reports a false auditable code or false positive."
"We can run only one project at a time."
"Implementing a blackout time for any user or teams: Needs improvement."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"The initial setup was quite challenging because it takes some time to understand how to pull out or push the code."
"Based on what I know so far, its integration with Kubernetes is not so good. We have to develop many things to make it work. We have to acquire third-party components to work with Kubernetes."
"The user interface could be more user-friendly. We do most of our operations through the website interface but it could be better."
"The integration and storage capabilities could be better."
"Expand features to match other tools such as a static code analysis tool so third-party integrations are not required."
"The only thing our company is really waiting on in terms of features is the development of metrics."
"For as long as I have used GitLab, I haven't encountered any major limitations. However, I think that perhaps the search functionality could be better."
"The price of GitLab could improve, it is high."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while GitLab is ranked 7th in Application Security Tools with 70 reviews. Checkmarx One is rated 7.6, while GitLab is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Fortify WebInspect, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and Tekton. See our Checkmarx One vs. GitLab report.
See our list of best Application Security Tools vendors, best Static Application Security Testing (SAST) vendors, and best DevSecOps vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.