What needs improvement with Checkmarx SAST?

Find out what your peers are saying about Checkmarx, Qualys, GitLab and others in Static Application Security Testing (SAST). Updated: September 2025.

DOWNLOAD NOW

868,787 professionals have used our research since 2012.

Static Application Security Testing (SAST)

SAST is a method designed to detect security vulnerabilities within an application's source code. By analyzing the code structure, SAST identifies potential flaws early in the development cycle, promoting secure coding practices and reducing the risk of security issues in production. Unlike dynamic testing that examines an application during runtime, SAST operates on static code analysis. This early detection capability is crucial as it enables developers to address vulnerabilities before...

Download Static Application Security Testing (SAST) Report Read more

Related Q&As

Dec 16, 2024

What is your experience regarding pricing and costs for Checkmarx SAST?

Sep 5, 2025

What is your primary use case for Checkmarx SAST?

score 0 · Answer 1 · 2025-09-05T12:18:38Z

The main challenge with Checkmarx SAST is the price. The price is a challenge because Checkmarx SAST is a very big brand, and many mid-sized companies cannot afford it as they are very price-conscious. A 20 to 30% reduction in price would be beneficial. Checkmarx SAST could invest more in digital marketing, particularly in ad sales on platforms such as LinkedIn, which could be a valuable tool.

score 0 · Answer 2 · 2024-12-16T12:36:14Z

We had some issues where Checkmarx did not recognize a vulnerability. We had to talk with the vendor, and they had to include an improvement in the tool to resolve this issue.

Cuneyt KALPAKOGLU Phd. Founder & Chairman at Endpoint-labs Cyber Security R&D · Answer 3 · 2024-10-07T14:48:00Z

There is a need for improvement in terms of technical support, pricing policy, and configuration. The on-premises version is more expensive compared to the cloud version.