Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs NowSecure comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Checkmarx One
Ranking in Static Application Security Testing (SAST)
3rd
Average Rating
7.6
Reviews Sentiment
7.9
Number of Reviews
70
Ranking in other categories
Application Security Tools (3rd), Vulnerability Management (16th), Static Code Analysis (2nd), API Security (2nd), DevSecOps (2nd), Risk-Based Vulnerability Management (5th)
NowSecure
Ranking in Static Application Security Testing (SAST)
35th
Average Rating
7.0
Number of Reviews
1
Ranking in other categories
Mobile App Testing Tools (17th)
 

Mindshare comparison

As of November 2024, in the Static Application Security Testing (SAST) category, the mindshare of Checkmarx One is 12.8%, down from 13.8% compared to the previous year. The mindshare of NowSecure is 0.2%, down from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
 

Featured Reviews

Rohit Kesharwani - PeerSpot reviewer
Feb 19, 2024
Provides good security analysis and security identification within the source code
We use the solution to validate the source code and do SAST and security analysis. Checkmarx dynamics code analysis improved our software security posture by showcasing vulnerabilities within the code and identifying or providing recommendations on how to improve The solution's user interface…
AN
Jun 15, 2021
Scalable and reliable, but dynamic analysis needs improvement
We use this solution for application security testing The most valuable feature is the ability to download an application without actually putting in the APK. It gives us an option to put the APK in if we want to but we can download it from the App Store and Play Store. In this solution, there…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"Helps us check vulnerabilities in our SAP Fiori application."
"The UI is user-friendly."
"The most valuable feature for me is the Jenkins Plugin."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"The SAST component was absolutely 100% stable."
"The most valuable feature is the simple user interface."
"The solution is scalable, but other solutions are better."
"The most valuable feature is the ability to download an application without actually putting in the APK. It gives us an option to put the APK in if we want to but we can download it from the App Store and Play Store."
 

Cons

"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"Checkmarx could improve the REST APIs by including automation."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"The validation process needs to be sped up."
"It is an expensive solution."
"In this solution, there are two kinds of testing, static analysis, and dynamic analysis. There needs some improvement in testing with dynamic analysis because I have found it is not accurate"
 

Pricing and Cost Advice

"It's relatively expensive."
"It is a good product but a little overpriced."
"Be cautious of the one-year subscription date. Once it expires, your price will go up."
"​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
"The pricing was not very good. This is just a framework which shouldn’t cost so much."
"We're using a commercial version of Checkmarx, and we paid for the solution for one year. The price is high and could be reduced."
"The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
"The solution's price is high and you pay based on the number of users."
Information not available
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
21%
Computer Software Company
15%
Manufacturing Company
10%
Government
5%
Financial Services Firm
22%
Computer Software Company
15%
Healthcare Company
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
Ask a question
Earn 20 points
 

Learn More

Video not available
 

Overview

 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Vaporstream, FIS, MEA Financial, Silent Circle, Capital One, Citi, EY, EMC, Emerson, Kaiser Permanente, The Home Depot, Humana, Shell, Kellogg's, TD Bank, VMware
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: October 2024.
814,649 professionals have used our research since 2012.