CheckMarx

CheckMarx Alternatives & Competitors

Looking for alternatives to CheckMarx? Tons of people want Static Application Security Testing (SAST) software. What's difficult is finding out whether or not the software you choose is right for you.

Top 20 Alternatives & Competitors to CheckMarx

  1. Coverity

    (23) 4.2 out of 5
    Coverity static analysis by Synopsys helps development and security teams find and fix defects and security flaws in code as it’s being written. Coverity is highly accurate, supports thousands of developers, and quickly analyzes large projects exceeding 100 million lines of code, helping your teams build secure, high-quality software faster.

    Reviewers say compared to CheckMarx, Coverity is:

    Easier to set up
    Better at support
    More usable

    Coverity review by Valerie R.
    "Immediate help with errors and vulnerabilities in source codes: It is a software with a very large utility. It is quite complete, meets all the features and functions promised from the beginning. It allows finding solutions to errors or problems in the source code quickly and safely."
  2. IBM Security AppScan Standard

    (15) 3.6 out of 5
    IBM Security AppScan Standard can help minimize web application attacks and expensive data breaches by automating testing of application security vulnerabilities. It allows you to test applications before deploying them and assess risk in production environments on an ongoing basis.

    Reviewers say compared to CheckMarx, IBM Security AppScan Standard is:

    More expensive
    Better at support
    More usable

    Appscan standard review by Mehdi T.
    "IBM Security AppScan Standard REVIEW: Real time agent status monitoring, agent logging and it is very cost effective compared to its performance and the features it offers. I like the way it assesses the applications."
  3. AttackFlow

    (12) 4.3 out of 5
    AttackFlow is a solution that helps find security and quality weaknesses in software by analyzing the code.

    Reviewers say compared to CheckMarx, AttackFlow is:

    More usable
    Better at support
    Better at meeting requirements

    AttackFlow review by Teresa O.
    "Excellent for helping you identify the weaknesses in your software: This is a wonderful static code analysis platform that gives you incredible cutting-edge solutions for the secure development of your applications. AttackFlow works hand in hand with you to ensure that you do not suffer financial losses or damage to your reputation because of hackers, who are always on the lookout to find and exploit the weaknesses in your software."
  4. bugScout

    (2) 3.5 out of 5
    bugScout is a SAST platform for detecting vulnerabilities in application and website source codes.

    bugScout review by Consultant
    "Scouting Vulnerabilities: For my needs, I appreciate the scalability and the fact that it lets me analyze languages we regularly use to check quality and security."
  5. Peach Fuzzer

    (2) 3.0 out of 5
    Peach Fuzzer is an automated security testing platform that prevents zero-day attacks by finding vulnerabilities in hardware and software systems.

    Peach Fuzzer review by Cassi G.
    "Few kinks to work thru: I love the effectiveness and speed of ability to use."
  6. HttpWatch

    (3) 4.0 out of 5
    HttpWatch is HTTP Sniffer software.

    HttpWatch review by Manuel Ricardo L.
    "Great web traffic analyzer: This tool allows you to use a free version that can capture web traffic and analyze it in real time without the need of purchasing the full version that can give you a great idea of the product and test it before purchasing the full version."
  7. Sentinel

    (1) 5.0 out of 5
    Cloud-based web application security platform

    Sentinel review by Administrator in Banking
    "WhiteHat's Sentinel: This is a cloud based service that specializes in continuous application security scanning services. Their tool set runs continuously to identify vulnerabilities using production safe scanning. The scan process is slower but very thorough. WhiteHat also has human testers manually review all results, ensuring zero false positives. The solution is extremely compelling, they have expert testers who provide a zero false positive rate and great results. This has proved to be a tremendous cloud offering, where we only deal with proven vulnerabilities, saving us huge amounts of time."
  8. Qualys WAS

    (1) 5.0 out of 5
    Qualys WAS is Qualys's platform for end-to-end web application scanning.

    Qualys WAS review by Administrator in Internet
    "Best scanner in Today's market: I have seen many scanning agents, but Qualys provides exact results and provides the solutions and fix in the reports. This is awesome scanner I have ever seen."
  9. Micro Focus Fortify Software Security Center

    (1) 3.5 out of 5
    Manage, measure and integrate security for the entire software lifecycle.

    Micro Focus Fortify Software Security Center review by Administrator in Information Technology and Services
    "A very versatile and powerful application but does have some areas to improve: It is incredibly easy to create applications and versions inside the platform. It is also easy to make on-the-spot changes to customize."
  10. Sparrow SAST

    Sparrow SAST is designed to detect security weaknesses in source code with its semantic based static program analysis engine.

    Be the first to review Sparrow SAST!
  11. Wallarm

    Wallarm is an AI-powered application security solution for the teams launching new modular software services or upgrading their existing web applications to a new stack. Wallarm includes an adaptive Next Gen WAF, attack sandboxing, vulnerability scanner and development time testing modules.

    Be the first to review Wallarm!
  12. Micro Focus Fortify On Demand

    Integrated secure development, security testing and continuous monitoring.

    Be the first to review Fortify On Demand!
  13. Hyperion BDefend

    It's stunning. bDefend creates powerful behavior fingerprints and makes new malware signatures for all to use. We defend against viruses that others can't detect.

    Be the first to review Hyperion BDefend!
  14. Hyperion BDetect

    You know that uploading unknown code leads to unknown consequences. So why risk it? bDetect takes a quick look and identifies what code is Safe, Suspicious, or Malicious.

    Be the first to review Hyperion BDetect!
  15. BlueClosure

    The latest Minded Security Labs project regards JavaScript Security. We have released a tool called BlueClosure which helps security testers to analyze and discover Client Side security issues.

    Be the first to review BlueClosure!
  16. Kiuwan Code Security and Analysis

    Provides an end-to-end Application Security platform to bring you objective data so you can make informed decisions regarding the security, risk, cost, activity, quality, maintainability, efficiency and dependencies of your applications.

    Be the first to review Kiuwan Code Security and Analysis!
  17. reshift

    reshift is a continuous application security testing platform that helps software development teams integrate security earlier in the software development life cycle. We make security easier to integrate than other solutions because of two things: 1. Integrations: We don't want to add more work for the developers and that's why we created an end to end solution that seamlessly works with the modern day development workflow. Simply log into Github, Bitbucket, or Gitlab to upload projects. reshift has a scanner included but works on top of your existing scanners. Finally, we also integrate with JIRA to make fixing bugs actionable. 2. False Positives: reshift is capable of automatically triaging false positives with our machine learning algorithm. With other tools false positives just create noise and make fixing bugs more time consuming and less desirable, with reshift everything is filtered based on the rules you set. The more you confirm, the more accurate the predictions get.

    Be the first to review reshift!
  18. WhiteHat Sentinel Source

    WhiteHat Sentinel Source, a part of the WhiteHat Application Security Platform, is our static application security testing (SAST) product. It is used for scanning source code of the most commonly-used programming languages, identifying vulnerabilities, and providing actionable vulnerability reports, as well as offering Software Composition Analysis and ready-to-implement code fixes for certain vulnerabilities. Scanning of binary files for certain languages is also available.

    Be the first to review WhiteHat Sentinel Source!
  19. ThunderScan

    DefenseCode ThunderScan is a SAST (Static Application Security Testing, WhiteBox Testing) solution for performing extensive security audits of application source code. ThunderScan is easy to use, requires almost no user input and can be deployed during or after development. It is an efficient alternative to the demanding and time-consuming procedure of manual code reviews. ThunderScan performs fast and accurate analyses of large and complex source code projects delivering precise results and low false positive rate.

    Be the first to review ThunderScan!
  20. Code Dx Enterprise

    Code Dx Enterprise takes the results of all of your scans, processes them, and gives you a short list with no duplicates. It even points out which vulnerabilities were found by more than one tool, and provides an easy interface to prioritize each one based on severity. This can cut your testing time down, and get your application secured without falling behind schedule.

    Be the first to review Code Dx Enterprise!