Checkmarx vs. ReSharper

Chechmarx is really suited for finding wide range of security risks. It although identifies false positives which can be confusing at times. It can do better in terms of scan duration. They are better alternate competitors in the market who can do equally good or even better. It all depends on the scope of the problem you want to address

Incentivized

ReSharper is suitable for all legacy and new projects. It helps keep the code clean, short and understandable. The color codes help you quickly identify what you are looking for, and the shortcuts are the best. While Visual Studio made progress on these points on its own, it seems to me that ReSharper has a lot to offer. Today it happens to me that I can't think of another productivity tool without thinking of ReSharper first.

Incentivized

• Reporting
• Language support
• Fix recommendations

Incentivized

• It displays errors or suggestions for your code
• Saves time to optimize a code
• Faster development

• Lots of false positives
• Hard to integrate with CI

Incentivized

• Sometimes colleagues report degraded performance
• Sometimes Visual Studio needs to be restarted because the code becomes out of sync with what ReSharper thinks it should be

Incentivized

We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, developers can make a note of what should be avoided in the future. Overall, it's a great tool and would be a good investment to make.

Incentivized

• Improved ability to provide high level of IA confidence
• Improved confidence in application-level security

Incentivized

• ReSharper saved me HOURS of code writing.
• Saved me time to find issues in code.
• Saved me time finding dependency issues.
• It helps to create understandable code, so that others can continue the work without wasting time.

Incentivized