We performed a comparison between Checkmarx One and Seeker based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."Less false positive errors as compared to any other solution."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The administration in Checkmarx is very good."
"From my point of view, it is the best product on the market."
"Vulnerability details is valuable."
"It is a stable product."
"We use the solution for dynamic application testing."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"Checkmarx needs to be more scalable for large enterprise companies."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"It is an expensive solution."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Seeker is ranked 25th in Static Application Security Testing (SAST) with 1 review. Checkmarx One is rated 7.6, while Seeker is rated 7.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Seeker writes "More effective than dynamic scanners, but is missing useful learning capabilities". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Seeker is most compared with Synopsys API Security Testing, Coverity, Contrast Security Assess, SonarQube and HCL AppScan.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.