Checkmarx One and GitHub compete in application security and source code management, respectively. Checkmarx One is advantageous for its comprehensive scanning capabilities and robust security features, while GitHub has an edge in collaboration and ease of integration.
Features: Checkmarx One excels in static and dynamic application security testing with fast performance, comprehensive scanning, and strong support for multiple languages. GitHub focuses on efficient source code management with version control, collaboration tools, and seamless integration with other platforms.
Room for Improvement: Checkmarx One users suggest reducing false positives, enhancing report customization, and improving CI/CD pipeline integration. GitHub users desire better security, improved conflict resolution tools, and enhanced user interface elements.
Ease of Deployment and Customer Service: Checkmarx One offers flexibility with options for on-premises and hybrid cloud deployments, appealing to enterprises. GitHub, focusing on public cloud deployment, provides a straightforward solution with strong community support.
Pricing and ROI: Checkmarx One is a premium solution with higher costs justified by security features and a strong ROI through faster release cycles. GitHub offers free and competitively priced plans, making it accessible to individuals and small teams with advanced features at a cost-effective rate.
I have not used GitHub's technical support extensively because there are many resources and a robust knowledge base available due to the large user community.
The technical support from GitHub is generally good, and they communicate effectively.
Some forums help you get answers faster since you just type in your concern and see resolutions from other engineers.
We have never had a problem with scalability, so I would rate it at least eight to nine.
GitHub is more scalable than on-prem solutions, allowing for cloud-based scaling which is beneficial for processing large workloads efficiently.
I would rate the stability of this solution a nine on a scale of 1 to 10 where one is low stability and 10 is high.
It provides a reliable environment for code management.
If a skilled developer uses it, it is ten out of ten for stability.
GitHub is mostly stable, but there can be occasional hiccups.
It could suggest how the code base is written and automatically populate the source code with three different solution options to choose from.
When solving merge conflicts, it would be helpful to have tooltips within the actions to know what changes could happen next when resolving a conflict.
There are still areas for improvement with GitHub Actions and their deployment workflows, as they have made significant progress but are not yet polished.
Sometimes we do not get the exact solution, and the suggested solution does not work, so GitHub could improve in that area.
The pricing of GitHub is reasonable, with the cost being around seven dollars per user per month for private repositories.
Normally, GitHub is not expensive, but it would be welcome if it reduces costs for developing countries.
The pricing of GitHub depends on the choice of solutions, such as building one's own GitHub Runners to save money or using GitHub's Runners with extra costs.
My experience with the initial setup of Checkmarx One is straightforward; it is not complex compared to other tools that I have tried.
GitHub Actions for CI/CD implementation.
I like how I can create different builds from different branches, which helps me as a QA to test certain features separately from the main application.
GitHub Actions allow for creating multiple jobs that run in different stages such as build, test, and deploy, which enable better visibility and control over the deployment pipeline.
Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.
Checkmarx One offers comprehensive application scanning across the SDLC:
Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
