Checkmarx
Enterprise application security testing platform
Category
AI Security & Vulnerability Detection
Platforms
web, cli, vscode, jetbrains
Pricing
Custom — Custom
Open Source
No
IDE Support
VS Code, JetBrains IDEs, Eclipse, Visual Studio
What is Checkmarx?
Checkmarx is an enterprise AST (Application Security Testing) platform covering SAST, SCA, DAST, and IaC scanning. Its AI Guided Remediation feature provides step-by-step fix instructions generated by AI, personalized to your specific vulnerable code.
Who is it for? Security engineers and teams who need automated vulnerability detection and code audits.
Key Features
Available on
Our Verdict
Comprehensive enterprise security platform. AI remediation is genuinely helpful. Expensive and complex — suited for large organizations.
Pros & Cons
Pros
- + Full AST coverage (SAST+SCA+DAST)
- + AI remediation guidance
- + Wide language support
- + Strong compliance reporting
Cons
- - Very expensive
- - Complex deployment
- - No free tier
- - Steep learning curve
Pricing
Enterprise
Custom
- SAST + SCA + DAST
- AI remediation
- IDE plugins
- CI/CD integration
Supported Languages & IDEs
Alternatives to Checkmarx
Semgrep
Fast, customizable static analysis for security
Free OSS 4.5/5
Snyk Code
AI-powered security code review
Free 4.4/5
GitGuardian
AI secrets detection and remediation for code
Free 4.4/5
SonarQube
Code quality and security platform with AI
Free OSS 4.3/5
Veracode
Cloud-native application security testing
3.9/5
About Checkmarx
Company Checkmarx
Founded 2006
HQ Atlanta, GA
Status Active
Data updated 2025-02-20