Checkmarx for improving overall SAST security posture
Overall Satisfaction with Checkmarx
Checkmarx was used as a reactive SAST security control in my org, for code security scans, secret detection and license scanning. We also used it to assess our overall SAST structure through dashboards and metrics such as MTTR. There were a lot of grey areas where devs needed assistance with the vulnerable piece of code, and Checkmarx used to provide great insights on that.
Pros
- Code security scans, where issues need to be tagged as Critical or High and need to be merged into the PR
- Secrets that are hardcoded in the code or in the comments of the PR
- License scanning, where devs get an idea of whether they are using the right set of open source packages
Cons
- DAST capability does not support the native use case of an OTP-based architecture
- API scanning lacks a bit, due to limited customization
- Branch-wise reports for SAST are not available
- One product for all the SAST needs helped us evaluate our security posture
Do you think Checkmarx delivers good value for the price?
Yes
Are you happy with Checkmarx's feature set?
Yes
Did Checkmarx live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Checkmarx go as expected?
Yes
Would you buy Checkmarx again?
Yes