Checkmarx has a low rate of false positives (less than 5%). We achieve that by marking results as false positives in the UI and adapting the rules to your environment. Our professional services team can do this for you.
A new version is released every year. A service pack is released every quarter. Hotfixes are released as needed.
Yes. We currently have plugins for Jenkins, Bamboo, TeamCity, TFS, Anthill Pro and others.
Yes, Checkmarx provides a side-by-side comparison of scans and points out the differences.
Checkmarx's product is available on-premise, on a private cloud, or on our secure CxCloud service.
Checkmarx parses raw source code (no need to compile), stores it in a database, and queries it with hundreds of rules to find vulnerabilities. Rules can be easily modified and added.
Yes, Checkmarx fully supports scanning of Android, iOS and Windows mobile applications.
Project progress reports and configurable dashboards in PDF, RTF, CSV or XML.
No. The incremental scan option will automatically scan only the updated files and their dependencies.
You can use CxSAST to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will also find the best-fix locations for you and suggest the best remediation techniques.