We performed a comparison between Checkmarx One and Sonatype Repository Firewall based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The only thing I like is that Checkmarx does not need to compile."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"The report function is the solution's greatest asset."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"The most valuable feature is the simple user interface."
"Scan reviews can occur during the development lifecycle."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"The reports are good, but they still need to be improved considering what the UI offers."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"Checkmarx needs to be more scalable for large enterprise companies."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"The tool needs to improve its file systems. The product should also include zero test feature."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Sonatype Repository Firewall is ranked 35th in Application Security Tools with 3 reviews. Checkmarx One is rated 7.6, while Sonatype Repository Firewall is rated 8.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Sonatype Repository Firewall writes "You will get clean code every time, and that's a great achievement". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Sonatype Repository Firewall is most compared with JFrog Xray, Cisco Secure Firewall, Black Duck, GitHub and Sonatype Lifecycle. See our Checkmarx One vs. Sonatype Repository Firewall report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.