CxSAST

Software for managing application risks and vulnerabilities

About CxSAST

Checkmarx Static Application Security Testing (CxSAST) is designed to help businesses conduct static analysis to identify vulnerabilities in custom code and open source applications. It enables DevOps teams to scan source code during the software development lifecycle (SDLC), mitigate risks, and gain insights into the system's security framework.

CxSAST allows professionals to set up custom policies to manage application security, find remedies to eliminate vulnerabilities, and automate IT workflows via a unified platform. The application also helps IT teams scan uncompiled code and fix multiple vulnerabilities in it. It supports multiple programming and scripting languages, such as Java, Kotlin, TypeScript, PHP, and more, and lets managers view source code analysis results and conduct software composition analysis.

CxSAST supports integration with various software release orchestration, agile planning and bug tracking platforms, build automation servers, and source repositories, enabling software developers to enforce security policies. Other features include access control, code injection, collaboration, data manipulation, analytics, and more.



Not sure about CxSAST? Compare with a popular alternative

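  • Overall rating: CxSAST 3,9 (7)
  • Starting Price: CxSAST US$0,01; alternative: No pricing found
  • Pricing Options: CxSAST: Free version, Free trial; alternative: Free version, Free trial
  • Features: CxSAST 24; alternative 23
  • Integrations: CxSAST: No integrations found; alternative: 4
  • Ease of Use: CxSAST 3,7 (7); alternative 5,0 (1)
  • Value for Money: CxSAST 3,0 (7); alternative 4,0 (1)
  • Customer Service: CxSAST 4,0 (7); alternative 5,0 (1)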

Alternatives

Veracode

4
#1 Alternative to CxSAST
Veracode is a static application security testing (SAST) software designed to help businesses review applications'...

BuildPiper

4,2
#2 Alternative to CxSAST
BuildPiper is a product by OpsTree Labs, which is an end-to-end Kubernetes and microservices Delivery Platform. It is a...

CodeScene

4,7
#3 Alternative to CxSAST
CodeScene is a code analysis, visualization, and reporting tool. Cross reference contextual factors such as code...

GitHub

4,8
#4 Alternative to CxSAST
GitHub is a place to share code with friends, co-workers, classmates, and complete strangers, helping individuals and...

Reviews

Overall rating

3,9 /5
(7)
Value for Money
3/5
Features
4,3/5
Ease of Use
3,7/5
Customer Support
4/5


Showing 5 reviews of 7
Daniel
  • Industry: Hospital & Health Care
  • Company size: 10 000+ Employees
  • Used Daily for 2+ years
  • Likelihood to recommend 10.0 /10

Gives a full 360 degree view of vulnerabilities in static code

Reviewed on 2023/01/22

My personal overall experience with SAST is positive. I like that I can tweak queries myself and if there is something I can't do, support is just a phone call/ticket away. They respond to all inquiries very quickly.

Pros

The ability to use CI/CD pipelines so when the build task kicks off, scanning for static code and open source libraries is done at build time.

Cons

The only thing I do not like is we have some languages that the product does not support like ColdFusion and R-Code.

Alternatives Considered

Veracode
Tiennot
  • Industry: Computer & Network Security
  • Company size: 11–50 Employees
  • Used Daily for 2+ years
  • Likelihood to recommend 10.0 /10

CxSAST - A great static software analyzer

Reviewed on 2021/01/15

Pros

CxSAST has several very important advantages. The first is that the code is scanned before it is even compiled; this means that the developers can scan and fix while they are still in the coding process.

Second, CxSAST fully integrates into any DevOps process. Scanning and reporting will be done from within the screens developers work in, so no unnecessary switching between screens (see extension CxFlow).

Next to that, the rules (or queries) are open; everyone can see them, or an organisation can tailor them to their own needs. If needed, an FP-free setup can be created!

V9.3 now enables installation of the engines on Linux; you can dockerize the stuff.

Last but not least, CxSAST can be set up with additions such as CX-SCA (open source analysis) and CX-IAST (passive IAST scanning).

Cons

The installation can sometimes be difficult. However, Checkmarx counters this by offering free installation services for their customers.

Donovan
  • Industry: Financial Services
  • Company size: 51–200 Employees
  • Used Daily for 6-12 months
  • Likelihood to recommend 3.0 /10

Super expensive but also feels outdated

Reviewed on 2022/03/25

Overall I did not enjoy using it.

Pros

It certainly covers all the vulnerability rules you would ever need.

Cons

It is SUPER expensive, very slow, and the reporting is too messy. It would have been better if it could take a more integrated-into-the-code approach, like Sonar.

Juan
  • Industry: Banking
  • Company size: 1 001–5 000 Employees
  • Used Daily for 2+ years
  • Likelihood to recommend 8.0 /10

Checkmarx a strong and reliable competitor

Reviewed on 2021/11/18

It has been a good experience; the support is fast and reliable. The tool works as expected, and you can use the API integration to go even further.

Pros

Ease of use, the 0 complexity it adds to configure a new project, it feels like working in a collaborative way even in an on-premise environment.

Cons

The implementation requires Windows and SQL; I would prefer that it runs on Linux with PostgreSQL.
The reporting could be improved.

Shreyans
  • Industry: Banking
  • Company size: 10 000+ Employees
  • Used Weekly for 2+ years
  • Likelihood to recommend 8.0 /10

Preferred Vulnerability Management Tool

Reviewed on 2022/11/12

Pros

Can be used to analyse application, source code, byte code, and binaries for coding and design conditions. Key elements of the Checkmarx dashboard can be split into two sections, namely scan, statistics and scan trends.

Cons

Unavailability or downtime of the application causes delays in deploying the code through the pipeline, which is integrated with Checkmarx.


CxSAST FAQs

Below are some frequently asked questions for CxSAST.

CxSAST offers the following pricing plans:

  • Starting from: US$0,01
  • Free Trial: Available

Contact vendor for pricing details.

CxSAST has the following typical customers:

2–10, 11–50, 51–200, 201–500, 501–1 000, 1 001–5 000

CxSAST supports the following languages:

English, German

CxSAST supports the following devices:

We do not have any information about what integrations CxSAST has

CxSAST offers the following support options:

Email/Help Desk, FAQs/Forum, Knowledge Base, Phone Support, Chat
