Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)
ReSharper
Score 9.3 out of 10
ReSharper is a code analysis and debugging tool available as an extension to Visual Studio. Its features are also present in JetBrains' .NET IDE, Rider.
If you are going with a SAST process or want to improve your overall security posture, then go for it, for example by integrating it with post-deployment steps. If you are more concerned about proactive controls, better choose other options such as pre-commit hooks and CI security. Also choose other tools for DAST and API scans.
ReSharper is the best all-in-one tool for Visual Studio that I have encountered. It contains many features not found in Visual Studio Enterprise, and those features already in Visual Studio provide much better implementations. I would recommend this to all developers; the only people who will find it a detriment are developers running older, slower machines (due to ReSharper's resource requirements).
Their API-based customizations, which I leveraged to create an ASPM package that is developer-friendly and can extend above the dashboard features. Another one is the UI, which is great and feels clutter-free. Menus and navigation are also good, and so is support. The only drawback is that a scan sometimes takes longer, which I feel can be reduced.
ReSharper is very familiar if you already know Visual Studio. JetBrains does have an excellent IDE (Rider); however, since ReSharper is an extension to Visual Studio, you only need to learn what their tools add, not a whole new way of working. I have found the extension's interface to be straightforward, although perhaps due to the massive range of features, navigating the menus is a little time-consuming until your muscle memory kicks in. Maybe a feature search tool would help make usability a 10 out of 10?
Checkmarx is easier to integrate with development tools and gives quick feedback during coding, which is helpful for developers. Veracode is more focused on scanning and reporting for compliance, but it’s more complex to set up. We chose Checkmarx because it fits better into our development process, offering faster scans and more useful suggestions for fixing problems.
ReSharper does what it does very well because it operates inside the IDE you are already using. It provides advanced features that function far above and beyond what Visual Studio Professional offers and does not require you to learn another IDE like JetBrains' excellent IDE Rider. My only wish is that ReSharper had a Visual Studio Code plugin!
ReSharper is our go-to tool for file formatting. All of our code process must be formatted correctly, and ReSharper makes that an easy-to-access keyboard shortcut.