Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)
N/A
Veracode
Score 8.5 out of 10
Mid-Size Companies (51-1,000 employees)
Veracode is an application security platform that performs five types of analysis; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Veracode offers on-demand expertise and aims to help companies fix security defects.
We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, …
Checkmarx for SAST is easier to integrate and use. It also has a nicer and more convenient UI that shows you the source code and the context of the vulnerabilities identified. However, it is more expensive, not on the cloud so you need your own infrastructure, and it doesn't …
I used AppScan for dynamic scanning when it was IBM, but it was too clunky and hard to use. Developers and testers needed to spend quite a bit of time configuring scans. I also used Checkmarx for static scanning and it was faster, but it requires you to install on your own …
Checkmarx and Veracode have a few common points and some features which are different. Checkmarx UI is more user-friendly, but the level of detailing in Veracode reports is better. Veracode is a good choice for static analysis of code. if the user interface can be made smoother …
Veracode is more thorough and provides a wider variety of tools than the competition. Support is prompt and very eager to make sure we get the help we need as quickly as possible. If Support can't resolve it right away, they will make sure we are connected to one of their …
Veracode stands out as the best of breed for all types of AppSec scanners.
Verified User
Engineer
Chose Veracode
During the course of our using Veracode, we still do evaluate other platforms to see what they offer, and how they compare to Veracode. I do most of the evaluations myself, and I still come back to Veracode as being the overall best platform. Most every platform, for better …
Veracode has a very good integration within its products, which makes it easy for a developer. Veracode helps in providing support both actively and through resources on their platform to remediate and fix the issues found in one's application. The reporting section being …
Veracode had better pricing than most of them, and much easier deployment (SaaS) so we don't need to worry about hardware. Even with the only cloud option that was not ideal for us, we embraced it. Also, it supports the technology we are using .NET C# and it works great for us.