We use Checkmarx to review the source code for the external applications that we expose to the cloud or other servers on the internet.
We received two main benefits from Checkmarx:
- Better Security
- Saving Time
I recommend Checkmarx to be sure that your development has robust security. For your team management, Checkmarx has a very nice feature to check out manual staff in the process.
The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time.
Checkmarx could probably do something to improve their license model. If you have a small company, or if you have a small team with just one or two applications, the entry-level price is too high for such a company.
You can find all the solutions offered by Checkmarx through other solutions providers. That is why this type of company needs to be more flexible.
In this space, you have a security code and also you have a quality code. It is totally different in terms of investment. In terms of functionality, there are a lot of differences between the various competing products.
With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.
The problem with Checkmarx lies with the pricing and licensing, not the product itself. The product is very good.
One to three years.
Checkmarx is a good product, certainly stable.
The scalability is good. We haven't had any problems with it.
Our experience with technical support is good. They have a lot of expert staff on their customer service lines. We have had no problems with their technical support services.
We used Veracode for some time and it's also a good solution. Veracode fits better for small companies. It's more automatic.
Checkmarx is more complete and they have more features to support our development team and security team requirements.
In general, Checkmarx is a better solution, but it's more complicated, especially in terms of the price for a small company.
Our deployment of Checkmarx took a couple of days, at max, a week.
The setup was a long time back, but I know that we did not use a reseller or consultant for the deployment.
We evaluated some products from a company in Spain. Checkmarx provided better functionality and options for us.
We have a small team. It is about four people in total. We do not require that many staff for the deployment and maintenance of Checkmarx.
We are testing the solution in a small local company. Our idea is to expand the use of it to our clients in the West.
In this space, you can have different points of view and if only you are looking for a solution to do a check in your auditory report, then you can choose anyone.
If you really are worried about your business, i.e. about your development sites or development environments, Checkmarx is a great solution.
I would rate Checkmarx a nine out of ten because of the price, but technically for me, it is a 10.
I would rate Checkmarx with a nine because it would be perfect at a more functional level, and could be better at providing these features for parity.
If you research what Checkmarx is offering in their package distribution, you get exactly what they promise up front, so they are not lying.