Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)
N/A
Trend Vision One Email and Collaboration Security
Score 8.9 out of 10
N/A
The Trend Vision One Email and Collaboration Security application secures Microsoft Office 365 and other cloud storage applications.
If you are going with SAST process or want to improve overall security posture then go for it like integrating it with post deployment steps. If you are more concerned about proactive controls better choose other options such as pee-commit hooks and CI security. Also choose other tools for DAST and API scans.
Cloud App Security blocks all incoming bad emails and drive files without interacting with the portal or having to worry about anything coming through. It demonstrates its ability to work in scenarios where overhead is limited. It could have some improvements in the way where more options are given in the config to make bypass rules or exclusions.
Only a 9 if the product become completely unaffordable. Covid-19 has adversely affected Higher Ed budgets, if that should happen I would lobby hard to find cuts elsewhere...TrendMicro CAS is a necessary tool for any business to have!
Checkmarx's usability is generally good, but it can be a bit complex for new users. The interface may take some time to get used to, especially for those unfamiliar with security tools. Once you become familiar with it, it’s effective and integrates well into development workflows.
It is very easy to implement the policies and get around in the platform. It is easy to release from system quarantine if something inadvertently gets added. The Dashboard has a lot of really good info around the types of detections over last 24 hrs, 7 Days, or 30 Days. It would be nice if when doing log searches, one could search all of the "types" at one time. Types include things like Quarantine, Ransomware, Virtual Analyzer, etc.
Trend Micro Cloud App Security’s support has been highly competent and thorough when we have needed their assistance. Their support has been quickly dispatched, both through telephone and Email, while answer our questions and providing the “inside baseball” answers we have wanted when discussing the why and how of certain issues. When it came to implementation, their support sat through us as we deployed agents and took us on an adventure few implementations have.
Checkmarx is easier to integrate with development tools and gives quick feedback during coding, which is helpful for developers. Veracode is more focused on scanning and reporting for compliance, but it’s more complex to set up. We chose Checkmarx because it fits better into our development process, offering faster scans and more useful suggestions for fixing problems
It is cheaper than most other business antivirus/malware that I have used before, and has a smaller footprint on endpoints. It also seems to have fewer false positives. It is very easy to install compared to others, and has a solid web-based control panel for administering users accounts. It is very easy to monitor our remote users and apply policies or scans even when they are off-line.
CAS gives us peace of mind knowing the file systems we rely on in the cloud are protected the same way they would be if they were sitting in our office. This leads to a reduced risk of downtime that could otherwise limit us from being able to properly support our customers.