Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)
N/A
Selenium
Score 8.2 out of 10
N/A
Selenium is open source software for browser automation, primarily used for functional, load, or performance testing of applications.
Checkmarx works best in organizations with secure development practices where code is regularly scanned during development. It's ideal for CI/CD pipelines, ensuring vulnerabilities are caught early. Checkmarx might not be the best for old systems that aren’t updated often, as setting it up can take time. It’s also less useful for teams that mostly use third-party libraries instead of writing their own code.
When you have to test the UI and how it behaves when certain actions are performed, you need something that can automate the browsers. This is where Selenium comes to the rescue. If you have to test APIs and not the frontend (UI), I would recommend going with other libraries that support HTTP Requests. Selenium is good only when you have no choice but to run the steps on a browser.
Selenium is pretty user-friendly but sometimes tests tend to flake out. I'd say roughly one out of twenty tests yields a false positive.
Selenium software cannot read images. This is a minor negative because a free plug-in is available from alternate sources.
Slowness may be a minor factor with Selenium, though this is an issue with basically any testing software since waiting on a site to execute JavaScript requires the browser to wait for a particular action.
We love this product mainly because of its high customization abilities and the ease of use. Moreover, its free and can be learned easily through online communities and videos. The tests are more consistent and reliable as compared to Manual tests. It has enabled us to test a large number of features all in one go, which would have impossible through manual tests. The reports generated at the end of the tests are really helpful for the QA and the development teams to get a fair view of the application.
Checkmarx's usability is generally good, but it can be a bit complex for new users. The interface may take some time to get used to, especially for those unfamiliar with security tools. Once you become familiar with it, it’s effective and integrates well into development workflows.
As I mentioned earlier, the reason I use Selenium is because there is a fairly widespread community of users, and user support services are at a good level. because the application is open source, it works on many platforms (Windows, Linux, IOS) without any problems. In addition, it gives us a lot of options for writing functional tests. For errors that we receive through the application, we can easily find the reasons for errors in the forums.
Selenium does not have technical support available easily. You have to go through forums to get the information you need. However, there are excellent forums out there that make it easy to troubleshoot. The open-source flexibility makes it difficult to have dedicated support.
We did everything we needed to use it. Now we can execute our tests on different operational systems and browsers running few tests simultaneously. We also implemented Appium framework to execute our tests on mobile devices, such as iPhones, iPads, Android phones and tablets. We use SauceLabs for our test execution and Jenkins for continuous integration.
We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, developers can make a note of what should be avoided in the future. Overall, it's a great tool and would be a good investment to make.
At the time of adoption, there were not many other alternatives that were even close to being competitive when it comes to browser testing. As far as I know now to this day, there is still little competition to Selenium for what it does. Any other browser-based testing still utilises Selenium to interact with the browser.
