We performed a comparison between Checkmarx One and GitHub based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Apart from software scanning, software composition scanning is valuable."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"Scan reviews can occur during the development lifecycle."
"We use the solution for dynamic application testing."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"We use the solution to validate the source code and do SAST and security analysis."
"The most valuable feature is that it actually identifies the different criteria you can set to meet whatever standards you're trying to get your system accredited for."
"GitHub's merging feature is much better than that of other products because merging is done daily."
"If you want to share documents, you can create articles and diagrams with GitHub and share."
"The best feature is the ability to track the history of all code changes, and it's easy to use. Additionally, as it's open source, anyone can use that feature resulting in distributed development. This opens the door to collaboration with different code and developer, feature, and master branches of development."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"The most valuable feature is help offered by the community for open-source projects."
"This product is very good for storing and versioning code."
"I have found GitHub stable."
"We can make a private repository."
"I would like to see the tool’s pricing improved."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"Checkmarx could improve the speed of the scans."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"The integration could improve by including, for example, DevSecOps."
"If it is a very large code base then we have a problem where we cannot scan it."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"GitHub could expand the limits of the free version."
"Lacks sufficient support in terms of professional services that could be provided."
"The merging features can be improved."
"GitHub could have better integration or capability with other solutions."
"It would be good if there were training materials for junior developers."
"I decided not to use GitHub but developed my tool because I found it more efficient. I'm familiar with my tools, making them easier to use. I like being able to customize them to fit my workflow and the way I think.. Software development is like a personal workshop, and I tailor my version control to match my approach."
"The initial setup requires heavy documentation which can be challenging for new developers."
"The solution can improve by adding video guides, official guides, or short courses that cater to beginners who are new to the system. These resources could offer step-by-step guidance on how to use GitHub, including common procedures such as pulling and committing. Currently, many of us have to resort to searching for information on how to do these tasks via Google. An official guide provided by GitHub itself would be a valuable asset to newcomers and would save them time and effort."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while GitHub is ranked 9th in Application Security Tools with 74 reviews. Checkmarx One is rated 7.6, while GitHub is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and GitLab, whereas GitHub is most compared with Snyk, AWS CodeCommit, Fortify on Demand, Bitbucket and IBM Rational ClearCase. See our Checkmarx One vs. GitHub report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.