Checkmarx vs. Lacework

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Checkmarx
Score 8.2 out of 10
N/A
Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)N/A
Lacework
Score 7.1 out of 10
N/A
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.N/A
Pricing
CheckmarxLacework
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
CheckmarxLacework
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
CheckmarxLacework
Considered Both Products
Checkmarx

No answer on this topic

Lacework
Top Pros
Top Cons
Best Alternatives
CheckmarxLacework
Small Businesses
GitLab
GitLab
Score 8.9 out of 10

No answers on this topic

Medium-sized Companies
GitLab
GitLab
Score 8.9 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Enterprises
GitLab
GitLab
Score 8.9 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
CheckmarxLacework
Likelihood to Recommend
7.0
(3 ratings)
7.1
(7 ratings)
User Testimonials
CheckmarxLacework
Likelihood to Recommend
Checkmarx
Chechmarx is really suited for finding wide range of security risks. It although identifies false positives which can be confusing at times. It can do better in terms of scan duration. They are better alternate competitors in the market who can do equally good or even better. It all depends on the scope of the problem you want to address
Read full review
Lacework
Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.
Read full review
Pros
Checkmarx
  • Reporting
  • Language support
  • Fix recommendations
Read full review
Lacework
  • Easy to set-up the agent in cloud workloads.
  • Easy integration with ticketing and messaging tools.
  • Detailed visibility of all our container workloads across multiple accounts.
Read full review
Cons
Checkmarx
  • Lots of false positives
  • Hard to integrate with CI
Read full review
Lacework
  • UI can be complicated and hard to know where to click to find information.
  • Ability to create and manage cases or tickets from events that trigger.
Read full review
Alternatives Considered
Checkmarx
We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, developers can make a note of what should be avoided in the future. Overall, it's a great tool and would be a good investment to make.
Read full review
Lacework
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.
Read full review
Return on Investment
Checkmarx
  • Improved ability to provide high level of IA confidence
  • Improved confidence in application-level security
Read full review
Lacework
  • Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.
Read full review
ScreenShots