Codebashing Reviews

We are a solution provider and this is one of the products that we are evaluating.

We use Codebashing to provide users with different exercises for Python and UI. It allows them to practice.

The most valuable feature is the integration with WhiteSource, which allows for open-source scanning. It helps bring everything together in one solution.

The knowledge base is good.

Codebashing should be available for everybody to use without having to obtain a license.

This solution is available for Windows only and does not have a Linux distribution.

We are currently conducting a PoC for different customers.

We have not yet needed to contact technical support.

Everything was fine in terms of the initial setup.

We have our own in-house team for deployment and maintenance.

This solution is not freeware and more expensive than similar products.

I have tested several areas of Codebashing and have used some of the labs that they provide. The labs are useful because you can find examples of flags and known vulnerabilities. It is different from other products.

I would rate this solution a six out of ten.

We primarily use the solution as part of an integration with the CI pipeline.

The solution did the job properly for us. It's quite good.

The security software, especially in comparison to other competitor's offerings, is quite good.

There's a lot of flexibility and there are a lot of configuration options.

I can't recall any real issues we had using the solution in the past.

The solution should make the configuration more simple. Sometimes the configuration is complex.

In future releases, the solution should introduce incremental objects. 

I'd like to be able to check what the developers are doing on the fly.

I've been working with the solution for about a year or maybe a bit more. The last time I worked with it was three months ago.

The stability of the solution is excellent. I'd rate it ten out of ten. It's very reliable.

I don't know enough about the scalability potential to feel comfortable commenting on it.

I've been in touch with technical support in the past. I'd rate them ten out of ten. They are very good. We've been satisfied with the level of support we've received.

The initial setup, as I understand it, is not very easy. It takes some time. The integrations and the configurations end up taking a lot of time to get right.

Deployment times depend on the company and the environment. It could take anywhere from one to two weeks.

In general, a company needs a team of four or five people to support everything (including changing queries, etc.). There is an option to do it on the customer side or via the solution's support. It depends on the licensing a company chooses.

Depending on the licensing chosen by the company, the deployment is either handled internally or by the solution's technical support team directly.

We've seen an ROI of about 30% after about one year.

I'm unsure of the licensing costs for the solution. I believe their managed services have different costs.

We are not a customer of the solution at my current organization. We are currently running a POC. However, in my previous position, I was a customer.

I'd rate the solution nine out of ten.

It's a hard solution for developers to just start using. It's not so easy to just jump into. It takes time.

We are a service company, and we have a lot of projects for mobile app security. Our customers use JavaScript and Objective-C to code the backend of their systems, and our security experts use this solution to show our customers what needs to be fixed in their environment.

We use a classic cloud service, but from a vendor, so we have a private cloud deployment. In the future, we may switch to an on-premises solution.

This solution has an interactive approach that allows you to quickly receive basic knowledge about vulnerabilities and how they should be fixed. It is easy to understand how it works, and how things should be fixed. Everything is in one place.

This product will integrate well with a socket solution. When a vulnerability is detected, you can redirect to CodeBaching, which is very useful.

This solution is very comfortable for developers, even at the junior level.

We would like to be able to add our own lessons to the platform because right now we can't add our own information. It would be helpful to create a "lesson platform", for example. 

It would be helpful if the solution included tests or exams that would allow you to study, for example, all Java vulnerabilities, and then afterward test your knowledge. This is a typical functionality for learning platforms.

I would like to see more integration with other educational platforms. They have a good start because it integrates well with their own solutions.

This is a stable solution. We have never had a situation where we could not connect to the vendor's cloud.

We currently have three users, and they are experts in information security.

We have not needed to contact technical support for this solution because everything is clear. We have dealt with the same vendor for other solutions and they have a very quick response. They also have Russian speakers available.

Some of our customers used their own products before switching to Codebashing.

We just used documentation and materials from other languages, but it is not as comfortable. In Codebashing, you have one solution for all languages. Previously, we needed to find something for Java, and then something for C, then try to understand what might be a good description and come up with an example. We spent a lot of time on this process.

The initial setup of this solution is very easy. Checkmarx has very good instructions and user manuals, so there are not many problems when it comes to installing and configuring their products.

We deployed this solution with our in-house engineers. There is a lot of technical documentation on the Checkmarx Wikibase, and it's an open base. There are very good examples with screenshots and step-by-step instructions.

We did not evaluate other solutions before choosing this one.

This is a solution that I recommend to people who have a Checkmarx socket implementation because it is good to have a platform with this training program included. Otherwise, it depends on the customer. If they have a lot of their own code development then training is needed. However, in some cases, where they have good experts with a lot of knowledge, then their own experts can teach the staff.

For companies that do not have information security experts available for training, then this is a very good platform to have because it has very clear and quick lessons. 

This product is good and it is reliable.

I would rate this solution a seven out of ten.