CAST Highlight vs. Checkmarx

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
CAST Highlight
Score 8.4 out of 10
Enterprise companies (1,001+ employees)
CAST headquartered in New York offers Highlight, an application portfolio management solution providing software component analysis , application security, application benchmarking, and technical due diligence.
$25,000
per year
Checkmarx
Score 7.3 out of 10
N/A
Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)N/A
Pricing
CAST HighlightCheckmarx
Editions & Modules
Cloud
25k
Portfolio Size 25
SCA
$26k
Portfolio Size 25
Complete
33k
Portfolio Size 25
No answers on this topic
Offerings
Pricing Offerings
CAST HighlightCheckmarx
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
YesNo
Entry-level Setup FeeOptionalNo setup fee
Additional DetailsAnnual Pricing by Size of Application Portfolio
More Pricing Information
Community Pulse
CAST HighlightCheckmarx
Top Pros
Top Cons
Best Alternatives
CAST HighlightCheckmarx
Small Businesses

No answers on this topic

GitLab
GitLab
Score 9.0 out of 10
Medium-sized Companies
Veracode
Veracode
Score 8.4 out of 10
GitLab
GitLab
Score 9.0 out of 10
Enterprises
Veracode
Veracode
Score 8.4 out of 10
GitLab
GitLab
Score 9.0 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
CAST HighlightCheckmarx
Likelihood to Recommend
10.0
(1 ratings)
6.8
(3 ratings)
Support Rating
10.0
(2 ratings)
-
(0 ratings)
User Testimonials
CAST HighlightCheckmarx
Likelihood to Recommend
CAST
I think CAST is a great tool to give insight into your applications. The tool can be met with resistance from team members as the tool is going to expose defects that should be addressed. Out of the box, it may need some tailoring to focus on certain areas so that you are not overwhelmed with defects the first time you scan your code. But ultimately, you will want to eliminate all defects in the code and have all violations turned on.
Gene Baker | TrustRadius Reviewer
Gene Baker
Vice President, Chief Architect, Development Manager and Software Engineer
Read full review
Checkmarx
Chechmarx is really suited for finding wide range of security risks. It although identifies false positives which can be confusing at times. It can do better in terms of scan duration. They are better alternate competitors in the market who can do equally good or even better. It all depends on the scope of the problem you want to address
Verified User
Anonymous
Read full review
Pros
CAST
  • Identifies common coding vulnerabilities.
  • Compares code to industry best practices.
  • Assesses the code for data privacy compliance.
Gene Baker | TrustRadius Reviewer
Gene Baker
Vice President, Chief Architect, Development Manager and Software Engineer
Read full review
Checkmarx
  • Reporting
  • Language support
  • Fix recommendations
Verified User
Anonymous
Read full review
Cons
CAST
  • Code scans could be faster. A large application may need to be broken down into smaller sub-applications in order to facilitate faster code scans.
  • We spent a lot of time trying to figure out how to best structure our code base in the application for ultimate performance.
Gene Baker | TrustRadius Reviewer
Gene Baker
Vice President, Chief Architect, Development Manager and Software Engineer
Read full review
Checkmarx
  • Lots of false positives
  • Hard to integrate with CI
Verified User
Anonymous
Read full review
Support Rating
CAST
Tech support and pro services are top-notch.
Gene Baker | TrustRadius Reviewer
Gene Baker
Vice President, Chief Architect, Development Manager and Software Engineer
Read full review
Checkmarx
No answers on this topic
Alternatives Considered
CAST
These other tools only do a part of what CAST does. CAST gives a comprehensive view into the code looking at all aspects, code quality, security, maintainability, vulnerability, privacy, reuse, etc. These other tools only focus on one or two dimensions.
Gene Baker | TrustRadius Reviewer
Gene Baker
Vice President, Chief Architect, Development Manager and Software Engineer
Read full review
Checkmarx
We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, developers can make a note of what should be avoided in the future. Overall, it's a great tool and would be a good investment to make.
Verified User
Anonymous
Read full review
Return on Investment
CAST
  • I believe once we had the tool working for our code base, we immediately saw positive ROI.
  • We spent some time getting to where our code code be scanned efficiently but some of that was trying to do things ourselves instead of fully utilizing Cast Professional Services. I highly recommend to do an engagement with CAST to have them help setup the tool in your environment or to run it in the cloud for you.
Gene Baker | TrustRadius Reviewer
Gene Baker
Vice President, Chief Architect, Development Manager and Software Engineer
Read full review
Checkmarx
  • Improved ability to provide high level of IA confidence
  • Improved confidence in application-level security
Verified User
Anonymous
Read full review
ScreenShots

CAST Highlight Screenshots

Screenshot of Application Portfolio ManagementScreenshot of Software Composition AnalysisScreenshot of Portfolio Advisor for Open SourceScreenshot of Portfolio Advisor for CloudScreenshot of Cloud Migration Blockers and Boosters