Checkmarx, an Israeli-headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)
ReSharper
Score 10.0 out of 10
ReSharper is a code analysis and debugging tool available as an extension to Visual Studio. Its features are also present in JetBrains' .NET IDE, Rider.
Checkmarx works best in organizations with secure development practices where code is regularly scanned during development. It's ideal for CI/CD pipelines, ensuring vulnerabilities are caught early. Checkmarx might not be the best for old systems that aren’t updated often, as setting it up can take time. It’s also less useful for teams that mostly use third-party libraries instead of writing their own code.
ReSharper is the best all-in-one tool for Visual Studio that I have encountered. It contains many features not found in Visual Studio Enterprise, and those features already in Visual Studio provide much better implementations. I would recommend this to all developers, with the only people who will find it a detriment being developers running older, slower machines (due to ReSharper's resource requirements).
Checkmarx's usability is generally good, but it can be a bit complex for new users. The interface may take some time to get used to, especially for those unfamiliar with security tools. Once you become familiar with it, it’s effective and integrates well into development workflows.
ReSharper is very familiar if you already know Visual Studio. JetBrains does have an excellent IDE (Rider); however, since ReSharper is an extension to Visual Studio, you only need to learn what their tools add, not a whole new way of working. I have found the extension's interface to be straightforward, although perhaps due to the massive range of features, navigating the menus is a little time-consuming until your muscle memory kicks in. Maybe a feature search tool would help make usability a 10 out of 10?
We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, developers can make a note of what should be avoided in the future. Overall, it's a great tool and would be a good investment to make.
ReSharper does what it does very well because it operates inside the IDE you are already using. It provides advanced features that function far above and beyond what Visual Studio Professional offers and does not require you to learn another IDE like JetBrains' excellent IDE Rider. My only wish is that ReSharper had a Visual Studio Code plugin!
ReSharper is our go-to tool for file formatting. All of our code process must be formatted correctly, and ReSharper makes that an easy-to-access keyboard shortcut.