Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs Synopsys Software Risk Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

Sentiment score
7.4
Checkmarx One's support is generally rated positively for knowledgeability and quick responses, despite occasional delays and unresolved issues.
No sentiment score available
 

Room For Improvement

Sentiment score
4.7
Checkmarx One needs better accuracy, language support, integration, flexibility, UI customization, documentation, dynamic testing, and API security features.
No sentiment score available
 

Scalability Issues

Sentiment score
7.3
Checkmarx One is favored for its scalability and efficiency, though licensing and resource challenges are sometimes noted.
No sentiment score available
 

Setup Cost

Sentiment score
6.4
Checkmarx One is costly but valued for its robust security, despite complexity in setup and licensing options.
No sentiment score available
 

Stability Issues

Sentiment score
7.2
Checkmarx One is stable for most, but large codebase handling can cause crashes, memory issues, and configuration dependence.
No sentiment score available
 

Valuable Features

Sentiment score
8.4
Checkmarx One enhances secure coding with user-friendly interface, automation, and multi-language support, making it ideal for developers.
No sentiment score available
 

Categories and Ranking

Checkmarx One
Ranking in Static Application Security Testing (SAST)
3rd
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
70
Ranking in other categories
Application Security Tools (3rd), Vulnerability Management (16th), Static Code Analysis (2nd), API Security (2nd), DevSecOps (2nd), Risk-Based Vulnerability Management (5th)
Synopsys Software Risk Manager
Ranking in Static Application Security Testing (SAST)
34th
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
1
Ranking in other categories
Software Composition Analysis (SCA) (20th), Application Security Posture Management (ASPM) (6th)
 

Featured Reviews

Rohit Kesharwani - PeerSpot reviewer
Provides good security analysis and security identification within the source code
We integrate Checkmarx into our software development cycle using GitLab's CI/CD pipeline. Checkmark has been the most helpful for us in the development stage. The solution's incremental scanning feature has impacted our development speed. The solution's vulnerability detection is around 80% to 90% accurate. I would recommend Checkmarx to other users because it is one of the good tools for doing security analysis and security identification within the source code. Overall, I rate Checkmarx a nine out of ten.
Saravanan_Radhakrishnan - PeerSpot reviewer
Facilitates continuous assessment of applications, covering both static and dynamic security aspects
Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer might need to have the data on-premises for dynamic security testing. So that is one shortfall. An area of improvement could be developing an on-premise DAST solution. The current one is a complete cloud-based solution, and that can be one of the areas of improvement.
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
816,636 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
22%
Computer Software Company
15%
Manufacturing Company
10%
Government
5%
Financial Services Firm
18%
Manufacturing Company
13%
Computer Software Company
13%
Government
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
What do you like most about Synopsys Code Dx?
The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartne...
What is your experience regarding pricing and costs for Synopsys Code Dx?
I would rate the pricing model an eight out of ten, where one is low and ten is high. Because it is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's n...
What needs improvement with Synopsys Code Dx?
Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer migh...
 

Also Known As

No data available
Code Dx
 

Overview

 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Discover why companies like: CGI said, "Synopsys and Software Risk Manager have provided the results we’re looking for".
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: November 2024.
816,636 professionals have used our research since 2012.