Checkmarx is not a cheap solution. For around 250 users or committers, the cost is approximately $500,000. However, the investment is justified considering the potential costs of security breaches and the benefits of improved security practices.
Checkmarx is comparatively costlier than other products, which is why some of the customers feel reluctant to go for it, though performance-wise, Checkmarx can compete with other products.
Security Architect at a financial services firm with 5,001-10,000 employees
Real User
Top 20
2022-10-06T15:42:53Z
Oct 6, 2022
As with other tools, if you want more, you have to pay more. You have to pay for additional modules or functionalities. For instance, if you want to do some scanning to external dependencies of the software, you have to buy another tool provided by Checkmarx. You have to pay for licenses for the number of projects that you want to scan and the number of users. I think you have to pay licenses for three features: the number of users, the projects, and I don't remember the other one.
Annually, the typical application scanning cost/setup would run anywhere from $75k to 150k, but that was dependent on the specific scanning requirements. There were no additional operating costs. There was a requirement or a request as a best practice for us to provide the appropriate professional services or implementation services to ensure that the product got off the ground by the time the licenses were purchased.
Head of IT Security Department at a energy/utilities company with 5,001-10,000 employees
Real User
2022-01-12T16:21:24Z
Jan 12, 2022
We're using a commercial version of Checkmarx, and we paid for the solution for two years. The price is high and could be reduced. The local distributor charges two times higher than in other countries.
Senior Cybersecurity Solution Architect at Dimension Data
Real User
2021-10-13T14:14:00Z
Oct 13, 2021
Most of my customers opted for a perpetual license. They prefer to pay the highest amount upfront for the perpetual license and then pay for additional support annually.
I express that I know the price structure and licensing models very well.Â
I constantly meet with the authorities on this subject and keep myself up to date. It is necessary to pay attention to the licensing model and talk about this issue with an expert. If you look at it from a purely monetary point of view, you may think it is expensive, but if you configure it correctly, you will understand that it is the best in terms of technology and acceptable in terms of price and performance.
Director and Co-Founder at a tech services company with 1-10 employees
Real User
2021-09-15T19:52:24Z
Sep 15, 2021
It is not expensive, but sometimes, their pricing model or licensing model is not very clear. There are similar variables, such as projects or developers, and sometimes, it is a little bit confusing.
Director at a tech services company with 11-50 employees
Reseller
2021-03-09T22:51:35Z
Mar 9, 2021
Its price is fair. It is in or around the right spot. Ultimately, if the price is wrong, customers won't commit, but they do tend to commit. It is neither too cheap nor too expensive.
Solution Manager at a computer software company with 201-500 employees
Reseller
2021-01-27T09:57:18Z
Jan 27, 2021
The cost might seem steep, however, it really depends on, first the size and requirements of your company. There are companies for which the speed of developing new features and developing them securely, is more valuable than for other organizations. This goes not only for Checkmarx. It goes for any automated desktop security platform in general. I definitely see the cases when the Checkmarx license is a reasonable expense. It just may not be for everyone.
The number of users and coverage for languages will have an impact on the cost of the license. We would like to deploy it for the whole company but it's a question of spending thousands of dollars. Investing $200,000 or $300,000 would be an upper management decision. The educational component is additional and costs approximately $100 per month for each user. This is too high so we did not agree to the service.
This solution is expensive. The customized package allows you to buy additional users at any time. You could advise the vendor that you are in need of some more resources, and they can send you a trial license which lets you pay later. In the meantime, you can start working with the trial license. They have subscriptions for licenses, but this is confidential information and I cannot share the price as per our non-disclosure agreement. If you purchase a typical package then it is clear licensing with no hidden payments. You can add integration services for Checkmarx if you needed to, but it's optional. The hardware is on the customer site. It could be virtual, or a physical server, or even cloud-based. You can choose what you want to use and there are still no hidden fees. Licensing and policy are clear.
This solution is definitely one of the more expensive tools. However, if I'm able to get value out of using it, I don't mind paying. They have protection services costs that are separate from the main license. There are multiple components that are part of the product suite and there are different license costs for each of those components. Sometimes it can be a little difficult to understand. There are a lot of components an individual will need to buy to cover an organization's needs. It really should be more transparent and flexible. Their licensing model as of today is quite rigid.
Software Configuration Manager at a tech vendor with 501-1,000 employees
Real User
2019-06-19T05:02:00Z
Jun 19, 2019
I've got 100 licenses for Checkmarx. As people come and go, it's a hassle to add and remove them. In this day and age, it's such a meaningless time-waster.
Practice Head - IT Risk & Security Management Services at Suma Soft Private Limited
Real User
2019-05-16T16:17:00Z
May 16, 2019
We have a subscription license that is on a yearly basis, and it's a pretty competitive solution. I don't know of any additional costs, beyond the standard licensing fees, for our version of the software. In the case of the SDLC edition, which is a higher version, there may be some professional support that is required. Otherwise, any license that they provide is just an annual subscription fee.
Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.
Checkmarx One offers comprehensive application scanning across the SDLC:
Static Application Security Testing (SAST)
Software Composition Analysis (SCA)
API security
Dynamic Application Security Testing (DAST)
Container security
IaC security
Correlation,...
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
Checkmarx is not a cheap solution. For around 250 users or committers, the cost is approximately $500,000. However, the investment is justified considering the potential costs of security breaches and the benefits of improved security practices.
The tool's pricing is fine.
The solution's price is high and you pay based on the number of users.
I don't deal with the pricing directly. I don't know the exact cost.
I would rate the solution’s pricing an eight out of ten. The tool’s pricing is higher than others and it is for the license alone.
Checkmarx is comparatively costlier than other products, which is why some of the customers feel reluctant to go for it, though performance-wise, Checkmarx can compete with other products.
The licensing is okay. I'd rate it 3.7 out of five. It is moderately priced yet not overly expensive.
As with other tools, if you want more, you have to pay more. You have to pay for additional modules or functionalities. For instance, if you want to do some scanning to external dependencies of the software, you have to buy another tool provided by Checkmarx. You have to pay for licenses for the number of projects that you want to scan and the number of users. I think you have to pay licenses for three features: the number of users, the projects, and I don't remember the other one.
Annually, the typical application scanning cost/setup would run anywhere from $75k to 150k, but that was dependent on the specific scanning requirements. There were no additional operating costs. There was a requirement or a request as a best practice for us to provide the appropriate professional services or implementation services to ensure that the product got off the ground by the time the licenses were purchased.
The price of Checkmarx could be reduced to match their competitors, it is expensive.
Checkmarx costs us around $132,000 annually.
We're using a commercial version of Checkmarx, and we paid for the solution for two years. The price is high and could be reduced. The local distributor charges two times higher than in other countries.
We have purchased an annual license to use this solution. The price is reasonable.
Most of my customers opted for a perpetual license. They prefer to pay the highest amount upfront for the perpetual license and then pay for additional support annually.
I express that I know the price structure and licensing models very well.Â
I constantly meet with the authorities on this subject and keep myself up to date. It is necessary to pay attention to the licensing model and talk about this issue with an expert. If you look at it from a purely monetary point of view, you may think it is expensive, but if you configure it correctly, you will understand that it is the best in terms of technology and acceptable in terms of price and performance.
It is not expensive, but sometimes, their pricing model or licensing model is not very clear. There are similar variables, such as projects or developers, and sometimes, it is a little bit confusing.
Its price is fair. It is in or around the right spot. Ultimately, if the price is wrong, customers won't commit, but they do tend to commit. It is neither too cheap nor too expensive.
I would rate Checkmarx a seven out of ten.
The cost might seem steep, however, it really depends on, first the size and requirements of your company. There are companies for which the speed of developing new features and developing them securely, is more valuable than for other organizations. This goes not only for Checkmarx. It goes for any automated desktop security platform in general. I definitely see the cases when the Checkmarx license is a reasonable expense. It just may not be for everyone.
The pricing is rather reasonable. It's not the most expensive on the market.
The number of users and coverage for languages will have an impact on the cost of the license. We would like to deploy it for the whole company but it's a question of spending thousands of dollars. Investing $200,000 or $300,000 would be an upper management decision. The educational component is additional and costs approximately $100 per month for each user. This is too high so we did not agree to the service.
The interface used to create custom rules comes at an additional cost.
This solution is expensive. The customized package allows you to buy additional users at any time. You could advise the vendor that you are in need of some more resources, and they can send you a trial license which lets you pay later. In the meantime, you can start working with the trial license. They have subscriptions for licenses, but this is confidential information and I cannot share the price as per our non-disclosure agreement. If you purchase a typical package then it is clear licensing with no hidden payments. You can add integration services for Checkmarx if you needed to, but it's optional. The hardware is on the customer site. It could be virtual, or a physical server, or even cloud-based. You can choose what you want to use and there are still no hidden fees. Licensing and policy are clear.
This solution is definitely one of the more expensive tools. However, if I'm able to get value out of using it, I don't mind paying. They have protection services costs that are separate from the main license. There are multiple components that are part of the product suite and there are different license costs for each of those components. Sometimes it can be a little difficult to understand. There are a lot of components an individual will need to buy to cover an organization's needs. It really should be more transparent and flexible. Their licensing model as of today is quite rigid.
I've got 100 licenses for Checkmarx. As people come and go, it's a hassle to add and remove them. In this day and age, it's such a meaningless time-waster.
We have a subscription license that is on a yearly basis, and it's a pretty competitive solution. I don't know of any additional costs, beyond the standard licensing fees, for our version of the software. In the case of the SDLC edition, which is a higher version, there may be some professional support that is required. Otherwise, any license that they provide is just an annual subscription fee.
It is an expensive solution.