I have been working with Codebashing, which is one of the modules in Checkmarx. Checkmarx has different modules like Codebashing, SAST, DAST, and SCA, providing a complete AppSec platform that includes Codebashing. Codebashing has been integrated with our IDEs like Jenkins, Visual Studio, and Eclipse. Whenever a developer identifies any kind of security-related vulnerabilities, they receive a lot of information from Codebashing, such as what exactly the vulnerability is, how it can be fixed, any games around that, and any videos related to those vulnerabilities. The developer watches these videos and learns how to fix those specific issues. Additionally, we organize tournaments to test developer capabilities in terms of how quickly they can identify and fix issues, and how effectively they handle those issues without creating new ones. For Checkmarx, we are the customer, and we use this particular platform to service our customers.
I use Codebashing for security-related testing and aggressive testing, and also to stress-check code to expose weaknesses. Ours is an HRA benefits application, and I use Codebashing for security testing or exposing weaknesses by attacking the input and intentionally passing malicious input. Through Codebashing, I can identify the required vulnerability. This means security testing, and a few of my colleagues have also been using Codebashing.
I have used SonarQube as a community product for static application security testing as well as quality gate checking for the organization. Now I have retired the community edition of SonarQube and I am currently working with Checkmarx for a proper solution. In my current license configuration, I have Codebashing, secret scanning, and SAST. Codebashing is solely purposed for training our developers regarding the vulnerabilities we have, and it has seamless integration within Checkmarx. I am running a security champions program which leverages Codebashing platform itself.
I am a reseller. Codebashing is a training tool. It's a training tool that helps users or developers detect their coding errors and correct them. Then Codebashing shows them how to improve and secure their development skills.
We are very seriously using Codebashing. For example, when we have new engineers in the company, it is company policy that they have to complete the Codebashing sessions. During the orientation and onboarding period, all the engineers of our company must complete the Codebashings sessions and many of our customers are doing the same. We are strategic partners with Checkmarx and we are an internationally certified training center for Checkmarx and Codebashing.
Senior Software Development Engineer at Stanbic Bank Ghana
Real User
Oct 14, 2020
We use the solution for scanning the codes we develop in Java. We use it to check them against our glitches, then we mediate them before we push them to the applications and to the server.
Information Security Engineer at a tech vendor with 51-200 employees
Real User
Mar 25, 2020
We are a solution provider and this is one of the products that we are evaluating. We use Codebashing to provide users with different exercises for Python and UI. It allows them to practice.
We are a service company, and we have a lot of projects for mobile app security. Our customers use JavaScript and Objective-C to code the backend of their systems, and our security experts use this solution to show our customers what needs to be fixed in their environment. We use a classic cloud service, but from a vendor, so we have a private cloud deployment. In the future, we may switch to an on-premises solution.
Codebashing provides comprehensive security training, focusing on real-time remediation, vulnerability discovery, and improved development practices through adaptive learning and gamification.Codebashing offers a dynamic approach to developer training, emphasizing security from the onset of application design. It seamlessly integrates with development tools, providing interactive training, customizable settings, and a focus on preventing vulnerabilities. This platform is ideal for enhancing...
I have been working with Codebashing, which is one of the modules in Checkmarx. Checkmarx has different modules like Codebashing, SAST, DAST, and SCA, providing a complete AppSec platform that includes Codebashing. Codebashing has been integrated with our IDEs like Jenkins, Visual Studio, and Eclipse. Whenever a developer identifies any kind of security-related vulnerabilities, they receive a lot of information from Codebashing, such as what exactly the vulnerability is, how it can be fixed, any games around that, and any videos related to those vulnerabilities. The developer watches these videos and learns how to fix those specific issues. Additionally, we organize tournaments to test developer capabilities in terms of how quickly they can identify and fix issues, and how effectively they handle those issues without creating new ones. For Checkmarx, we are the customer, and we use this particular platform to service our customers.
I use Codebashing for security-related testing and aggressive testing, and also to stress-check code to expose weaknesses. Ours is an HRA benefits application, and I use Codebashing for security testing or exposing weaknesses by attacking the input and intentionally passing malicious input. Through Codebashing, I can identify the required vulnerability. This means security testing, and a few of my colleagues have also been using Codebashing.
I have used SonarQube as a community product for static application security testing as well as quality gate checking for the organization. Now I have retired the community edition of SonarQube and I am currently working with Checkmarx for a proper solution. In my current license configuration, I have Codebashing, secret scanning, and SAST. Codebashing is solely purposed for training our developers regarding the vulnerabilities we have, and it has seamless integration within Checkmarx. I am running a security champions program which leverages Codebashing platform itself.
We have been using the product for code-scanning purposes.
The solution mainly aims to identify false positives or flag any medium to high-risk outcomes, meaning it is mainly for source codes.
We use Codebashing for secure code development.
Our team leaders and managers use this solution. They use this platform to educate and provide security training to their developer teams.
I am a reseller. Codebashing is a training tool. It's a training tool that helps users or developers detect their coding errors and correct them. Then Codebashing shows them how to improve and secure their development skills.
We are very seriously using Codebashing. For example, when we have new engineers in the company, it is company policy that they have to complete the Codebashing sessions. During the orientation and onboarding period, all the engineers of our company must complete the Codebashings sessions and many of our customers are doing the same. We are strategic partners with Checkmarx and we are an internationally certified training center for Checkmarx and Codebashing.
We use the solution for scanning the codes we develop in Java. We use it to check them against our glitches, then we mediate them before we push them to the applications and to the server.
We are a solution provider and this is one of the products that we are evaluating. We use Codebashing to provide users with different exercises for Python and UI. It allows them to practice.
We primarily use the solution as part of an integration with the CI pipeline.
We are a service company, and we have a lot of projects for mobile app security. Our customers use JavaScript and Objective-C to code the backend of their systems, and our security experts use this solution to show our customers what needs to be fixed in their environment. We use a classic cloud service, but from a vendor, so we have a private cloud deployment. In the future, we may switch to an on-premises solution.