Compare Business Software for Checkmarx: June 2025 Reviews & Comparison

Cortex

Cortex's internal developer portal (IDP) helps engineering teams drive adoption of best practices, improve visibility into services and infrastructure, and accelerate engineering productivity. With Cortex, engineering organizations can codify standards, manage service maturity, and reduce operational overhead, empowering developers to ship faster and more reliably. Trusted by high-performing engineering organizations, Cortex integrates seamlessly with existing tools to provide a centralized, actionable view of service health and ownership. • Within minutes, determine who owns each service with Cortex’s AI service ownership model across thousands of repositories. • Standardize golden paths using Workflows, enabling teams to scaffold new services & provision infrastructure in minutes. • Consistently uphold best practices and standards across your organization with automated Scorecards and targeted Initiatives. • Make informed, impactful actions based on real-time insights.

3 Ratings

Starting Price: Custom

View Software

Visit Website

Android

Google

This summer, we’re expanding the ways we keep you safe and finding new ways to keep you connected. Here are the latest features available on your Android device. New delightful and helpful experiences across all of the devices that are connected to your Android phone. Your one-stop home for all your favorite entertainment. From movies and TV shows to games and books. Android 11 is optimized for how you use your phone. Helping you manage conversations. And organize your day. With tools designed to help you do more. Meet people using Android to change what's possible in daily life. Watch and read stories about creative, driven people discovering how to make their world more colorful and connected. With Android by their side. Choices for work, gaming, 5G streaming and anything else. There’s over 24,000 phones and tablets that run on Android. So no matter what you’re looking for, there’s something for you. Your security and privacy are at the heart of what we do.

5 Ratings

View Software

Visual Studio Code

Microsoft

VSCode: Code editing. Redefined. Free. Built on open source. Runs everywhere. Go beyond syntax highlighting and autocomplete with IntelliSense, which provides smart completions based on variable types, function definitions, and imported modules. Debug code right from the editor. Launch or attach to your running apps and debug with break points, call stacks, and an interactive console. Working with Git and other SCM providers has never been easier. Review diffs, stage files, and make commits right from the editor. Push and pull from any hosted SCM service. Want even more features? Install extensions to add new languages, themes, debuggers, and to connect to additional services. Extensions run in separate processes, ensuring they won't slow down your editor. Learn more about extensions. With Microsoft Azure you can deploy and host your React, Angular, Vue, Node, Python (and more!) sites, store and query relational and document based data, and scale with serverless computing.

26 Ratings

View Software

Eclipse IDE

Eclipse Foundation

Eclipse IDE The Leading Open Platform for Professional Developers used in computer programming. Better Than Ever. The Eclipse IDE delivers what you need to rapidly innovate. Easier IDE configuration The Eclipse IDE Installer 2020-09 and several packages now include a Java Runtime Environment (JRE). Improved theming and styling. Improved Windows dark theme and GTK light theme. Moving to bleeding edge. Eclipse IDE now needs Java 11 as a minimum version to run on, but you can compile any version as usual. New experimental features. Support for aarch64. Linux support landed this version. Node.js is now embedded For all our LSP-based toolings, Node.js is now embedded to make things work out of the box Free and open source Free and open source; released under the terms of the Eclipse Public License 2.0. Powered by Participation. A vast ecosystem of plugins from an active community

10 Ratings

View Software

Python

The core of extensible programming is defining functions. Python allows mandatory and optional arguments, keyword arguments, and even arbitrary argument lists. Whether you're new to programming or an experienced developer, it's easy to learn and use Python. Python can be easy to pick up whether you're a first-time programmer or you're experienced with other languages. The following pages are a useful first step to get on your way to writing programs with Python! The community hosts conferences and meetups to collaborate on code, and much more. Python's documentation will help you along the way, and the mailing lists will keep you in touch. The Python Package Index (PyPI) hosts thousands of third-party modules for Python. Both Python's standard library and the community-contributed modules allow for endless possibilities.

2 Ratings

Starting Price: Free

View Software

Nucleus

Nucleus is redefining the vulnerability management software category as the single source of record for all assets, vulnerabilities, and associated data. We unlock the value you’re not getting from existing tools and place you squarely on the path to program maturity by unifying the people, processes, and technology involved in vulnerability management. With Nucleus, you receive unmatched visibility into your program and a suite of tools with functionality that simply can’t be replicated in any other way. Nucleus is the single shift-left tool that unifies development and security operations. It unlocks the value you’re not getting out of your existing tools and puts you on the path to unifying the people, processes, and technology involved in addressing vulnerabilities and code weaknesses. With Nucleus, you’ll get unmatched pipeline integration, tracking, triage, automation and reporting capabilities and a suite of tools with functionality.

1 Rating

Starting Price: $10 per user per year

View Software

Java

Oracle

The Java™ Programming Language is a general-purpose, concurrent, strongly typed, class-based object-oriented language. It is normally compiled to the bytecode instruction set and binary format defined in the Java Virtual Machine Specification. In the Java programming language, all source code is first written in plain text files ending with the .java extension. Those source files are then compiled into .class files by the javac compiler. A .class file does not contain code that is native to your processor; it instead contains bytecodes — the machine language of the Java Virtual Machine1 (Java VM). The java launcher tool then runs your application with an instance of the Java Virtual Machine.

1 Rating

Starting Price: Free

View Software

Visual Studio

Microsoft

Full-featured IDE to code, debug, test, and deploy to any platform. Code faster. Work smarter. Create the future with the best-in-class IDE. Develop with the entire toolset from initial design to final deployment. Improved IntelliSense performance for C++ files. Local development with many common emulators. Simplified test access in Solution Explorer. Git management and repo creation in the IDE. Kubernetes support now included in Microsoft Azure workload. It doesn’t matter what type of app you are building, what language you program in, or what OS you’re on; with Live Share you can instantly share your project with your peers from the comfort of your own tools. No need to clone a repo or set up the environment, to get sharing.

1 Rating

Starting Price: $45.00 per month

View Software

Axonius

Axonius gives customers the confidence to control complexity by providing a system of record for all digital infrastructure. With a comprehensive understanding of all assets including devices, identities, software, SaaS applications, vulnerabilities, security controls, and the context between all assets, customers are able to mitigate threats, navigate risk, decrease incident response time, automate action, and inform business-level strategy — all while eliminating manual, repetitive tasks. Recognized as creators of the Cyber Asset Attack Surface Management (CAASM) category and innovators in SaaS Management Platform (SMP) and SaaS Security Posture Management (SSPM), Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically enforce policies and automate action.

View Software

JupiterOne

JupiterOne is a cyber asset analysis platform every modern security team needs to collect and transform asset data into actionable insights to secure their attack surface. JupiterOne was created to make security as simple as asking a question and getting the right answer back, with context, to make the right decision. With JupiterOne, organizations are able to see all asset data in a single place, improve confidence in choosing their priorities and optimize the deployment of their existing security infrastructure.

Starting Price: $2000 per month

View Software

Vulcan Cyber

At Vulcan Cyber we’re changing the way businesses reduce cyber risk through vulnerability remediation orchestration. We help IT security teams go beyond remedial vulnerability management to help them drive vulnerability remediation outcomes. The Vulcan platform consolidates vulnerability and asset data, with threat intelligence and customizable risk parameters to deliver risk-based vulnerability prioritization insights. But we don't stop there. Vulcan remediation intelligence takes the vulnerabilities that matter to your business and attaches the remedies and fixes needed to mitigate the threat. Then Vulcan orchestrates and measures the rest of the remediation process with integrations and inputs into application security, DevSecOps, patch management, configuration management, and cloud security tools, teams and functions. From scan to fix, Vulcan Cyber delivers the unique ability to orchestrate the entire vulnerability remediation process to GET FIX DONE at scale.

Starting Price: $999 / month

View Software

Logilica

Logilica is the software engineering intelligence platform for fast moving software development teams. Fusing DevOps and Git analytics Logilica enables software leaders with distributed teams to deliver faster, more predictably. One-click connectors and APIs to your existing platform tools to ingest engineering data without moving a finger or filling in a spreadsheet. Prebuilt reports and analytics for humans. Track and optimize your investment effort, risks, and delivery speed. Effortlessly, automatically. Benefit from our open ELT data pipeline to ingest your own data, define your own metrics and dashboards, and create custom insights in minutes. See predicted delays, where to unblock processes, and how to improve delivery flow.

Starting Price: $33/user/month

View Software

InsightCloudSec

Rapid7

You transform your business, we’ll keep your cloud services secure. InsightCloudSec enables you to drive innovation through continuous security and compliance. Achieve continuous security and compliance and prevent misconfigurations through unified visibility and monitoring and real-time automated remediation. Secure configurations and workloads through automated cloud security and vulnerability management across dynamic cloud environments. Manage identity and effective access across ephemeral resources, at scale. InsightCloudSec is a fully-integrated cloud-native security platform, your whole cloud security toolbox in a single solution. Consumer privacy (or the lack thereof) is a huge societal concern and the focus on protecting privacy is manifesting itself through many forms, including regulations like the California Consumer Privacy Act and General Data Protection Regulation.

Starting Price: $66,000 per year

View Software

ASP.NET

Microsoft

Blazor is a feature of ASP.NET for building interactive web UIs using C# instead of JavaScript. Blazor gives you real .NET running in the browser on WebAssembly. .NET is a developer platform made up of tools, programming languages, and libraries for building many different types of applications. ASP.NET supports industry standard authentication protocols. Built-in features help protect your apps against cross-site scripting (XSS) and cross-site request forgery (CSRF). ASP.NET provides a built-in user database with support for multi-factor authentication and external authentication with Google, Twitter, and more.

Starting Price: Free

View Software

Kotlin

Easy to pick up, so you can create powerful applications immediately. Compatible with the Java ecosystem. Use your favorite JVM frameworks and libraries. Share application logic between web, mobile, and desktop platforms while keeping an experience native to users. Save time and get the benefit of unlimited access to features specific to these platforms. Kotlin has great support and many contributors in its fast-growing global community. Enjoy the benefits of a rich ecosystem with a wide range of community libraries. Help is never far away — consult extensive community resources or ask the Kotlin team directly. Kotlin Multiplatform Mobile is an SDK for iOS and Android app development. It offers all the combined benefits of creating cross-platform and native apps. Maintain a single codebase for networking, data storage, analytics, and the other logic of your Android and iOS apps.

Starting Price: Free

View Software

PHP

Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world. The PHP development team announces the immediate availability of PHP 8.0.20. When using the PHP.net website, there is even no need to get to a search box to access the content you would like to see quickly. You can use short PHP.net URLs to access pages directly.

Starting Price: Free

View Software

Visual Basic

Microsoft

Visual Basic is an object-oriented programming language developed by Microsoft. Using Visual Basic makes it fast and easy to create type-safe .NET apps. Visual Basic focuses on supplying more of the features of the Visual Basic Runtime (microsoft.visualbasic.dll) to .NET Core and is the first version of Visual Basic focused on .NET Core. Many portions of the Visual Basic Runtime depend on WinForms and these will be added in a later version of Visual Basic. .NET is a free, open-source development platform for building many kinds of apps. With .NET, your code and project files look and feel the same no matter which type of app you're building. You have access to the same runtime, API, and language capabilities with each app. A Visual Basic program is built up from standard building blocks. A solution comprises one or more projects. A project in turn can contain one or more assemblies. Each assembly is compiled from one or more source files.

Starting Price: Free

View Software

Swift

Apple

Writing Swift code is interactive and fun, the syntax is concise yet expressive, and Swift includes modern features developers love. Swift code is safe by design and produces software that runs lightning-fast. Swift is the result of the latest research on programming languages, combined with decades of experience building Apple platforms. Named parameters are expressed in a clean syntax that makes APIs in Swift even easier to read and maintain. Even better, you don’t even need to type semi-colons. Inferred types make code cleaner and less prone to mistakes, while modules eliminate headers and provide namespaces. To best support international languages and emoji, Strings are Unicode-correct and use a UTF-8 based encoding to optimize performance for a wide-variety of use cases. You can even write concurrent code with simple, built-in keywords that define asynchronous behavior, making your code more readable and less error-prone.

Starting Price: Free

View Software

Ruby

Ruby Language

Wondering why Ruby is so popular? Its fans call it a beautiful, artful language. And yet, they say it’s handy and practical. Since its public release in 1995, Ruby has drawn devoted coders worldwide. In 2006, Ruby achieved mass acceptance. With active user groups formed in the world’s major cities and Ruby-related conferences filled to capacity. Ruby-Talk, the primary mailing list for discussion of the Ruby language, climbed to an average of 200 messages per day in 2006. It has dropped in recent years as the size of the community pushed discussion from one central list into many smaller groups. Ruby is ranked among the top 10 on most of the indices that measure the growth and popularity of programming languages worldwide (such as the TIOBE index). Much of the growth is attributed to the popularity of software written in Ruby, particularly the Ruby on Rails web framework.

Starting Price: Free

View Software

Scala

Scala combines object-oriented and functional programming in one concise, high-level language. Scala's static types help avoid bugs in complex applications, and its JVM and JavaScript runtimes let you build high-performance systems with easy access to huge ecosystems of libraries. The Scala compiler is smart about static types. Most of the time, you need not tell it the types of your variables. Instead, its powerful type inference will figure them out for you. In Scala, case classes are used to represent structural data types. They implicitly equip the class with meaningful toString, equals and hashCode methods, as well as the ability to be deconstructed with pattern matching. In Scala, functions are values, and can be defined as anonymous functions with a concise syntax.

Starting Price: Free

View Software

Perl

Perl is a highly capable, feature-rich programming language with over 30 years of development. Perl is a highly capable, feature-rich programming language with over 30 years of development. Perl runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. "Perl" is a family of languages, "Raku" (formerly known as "Perl 6") is part of the family, but it is a separate language which has its own development team. Its existence has no significant impact on the continuing development of "Perl". Perl includes powerful tools for processing text that make it ideal for working with HTML, XML, and all other mark-up and natural languages. Perl can handle encrypted Web data, including e-commerce transactions.

Starting Price: Free

View Software

Go

Golang

With a strong ecosystem of tools and APIs on major cloud providers, it is easier than ever to build services with Go. With popular open source packages and a robust standard library, use Go to create fast and elegant CLIs. With enhanced memory performance and support for several IDEs, Go powers fast and scalable web applications. With fast build times, lean syntax, an automatic formatter and doc generator, Go is built to support both DevOps and SRE. Everything there is to know about Go. Get started on a new project or brush up for your existing Go code. An interactive introduction to Go in three sections. Each section concludes with a few exercises so you can practice what you've learned. The Playground allows anyone with a web browser to write Go code that we immediately compile, link, and run on our servers.

Starting Price: Free

View Software

Apache Groovy

The Apache Software Foundation

Apache Groovy is a powerful, optionally typed and dynamic language, with static-typing and static compilation capabilities, for the Java platform aimed at improving developer productivity thanks to a concise, familiar and easy to learn syntax. It integrates smoothly with any Java program, and immediately delivers to your application powerful features, including scripting capabilities, Domain-Specific Language authoring, runtime and compile-time meta-programming and functional programming. Concise, readable and expressive syntax, easy to learn for Java developers. Closures, builders, runtime & compile-time meta-programming, functional programming, type inference, and static compilation. Flexible & malleable syntax, advanced integration & customization mechanisms, to integrate readable business rules in your applications. Great for writing concise and maintainable tests, and for all your build and automation tasks.

Starting Price: Free

View Software

Phoenix Security

Phoenix Security enables security, developers, and businesses to all talk the same language. We help security professionals focus on the vulnerabilities that matter most across cloud, infrastructure, and application security. Laser focuses on the 10% of vulnerabilities that matter today, and reduces risk faster with prioritized contextualized vulnerabilities. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Aggregate, correlate and contextualize multiple security tools and data sources, providing your business with unprecedented visibility. Break down the silos between application security, operational security, and the business.

Starting Price: $3,782.98 per month

View Software

Betterscan.io

Reduce MTTD & MTTR with full coverage within minutes of using. Full DevSecOps toolchain across your all environments, implementing and collecting evidence as part of your continuous security. Unified and de-duplicated across all the layers we orchestrate. One line to add several thousand checks + AI. It was built with security in mind, and we have avoided common security mistakes and pitfalls. Understands modern technologies. All are callable via REST API. Integrateable with CI/CD systems, lightweight and fast. You can self-host it for 100% code control and transparency, or run source available binary only in your own CI/CD. Use a source-available solution for complete control and transparency. Trivial setup, no software installation, compatible with many programming languages. Detects more than several thousand code and infrastructure issues and counting. You can review the issues, mark them as false positives, and collaborate on issues.

Starting Price: €499 one-time payment

View Software

SD Elements

Security Compass

Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries.

View Software

Rapid7 InsightConnect

Rapid7

InsightConnect is Rapid7’s security orchestration, automation and response (SOAR) solution, with which you can accelerate your time-intensive, highly manual incident response and vulnerability management processes. Connect teams across your IT and security systems with clear communication, collaboration, and integration. Streamline your manual, repetitive tasks with connect-and-go workflows, no code necessary. Supercharge your security operations with automation that drives efficiency, without sacrificing analyst control. Streamline and accelerate highly manual, time-intensive, processes 24 hours a day. With more than 300 plugins to connect your IT and security systems, and a library of customizable workflows, you’ll free up your security team to tackle bigger challenges, while still leveraging their expertise. Incident response can be time consuming. If you’re suffering from alert fatigue, you understand.

View Software

Flosum

A fully native release management and version control system for Salesforce that simply works. Bring together people, processes, and technology to optimize, visualize, and govern business value flow through your entire Salesforce ecosystem. An all-in-one solution for requirements management, version control, deployments and regression testing. Designed with a “clicks not code” approach to achieve the goals that Salesforce developers require, allowing changes to components limited by Git-based solutions, keeping orgs in sync, and executing deployments quicker than ever before. Built to work in the most sophisticated DevOps environments, including integration with Git, Jira, Azure DevOps, Selenium, and many other tools that our clients require. Finish your deployments in minutes, not hours or days. Our click-not-code functionality for DevOps covers all operations seamlessly. We give developers full-scale power tools they need, in the ways they’ve always wanted.

View Software

Harness

Harness is an AI-native software delivery platform that helps engineering teams achieve excellence by automating and streamlining the entire software delivery lifecycle. It enables continuous integration, continuous delivery, and GitOps for multi-cloud, multi-region deployments with increased speed and reliability. Harness simplifies infrastructure as code, database DevOps, and artifact management to improve collaboration and reduce errors. The platform offers AI-powered testing, incident response, chaos engineering, and feature management to enhance quality and resilience. Harness also provides cloud cost management, security testing orchestration, and developer insights to optimize performance and governance. Trusted by leading enterprises, Harness accelerates innovation while reducing manual effort and risk.

View Software

.NET

Microsoft

Free. Cross-platform. Open source. A developer platform for building all your apps. Build native apps for Android, iOS, macOS and Windows from a single codebase. You can write your .NET apps in C#, F#, or Visual Basic. Your skills, code, and favorite libraries apply anywhere you use .NET. You can learn more about what .NET can do with these free videos. .NET is open source and we are very thankful for the many contributions it receives from the community.

Starting Price: Free

View Software

Business Software for Checkmarx

Top Software that integrates with Checkmarx as of June 2025

Cortex

Android

Visual Studio Code

Eclipse IDE

Python

Nucleus

Java

Visual Studio

Axonius

JupiterOne

Vulcan Cyber

Logilica

InsightCloudSec

ASP.NET

Kotlin

PHP

Visual Basic

Swift

Ruby

Scala

Perl

Go

Apache Groovy

Phoenix Security

Betterscan.io

SD Elements

Rapid7 InsightConnect

Flosum

Harness

.NET