Verified
Preferred Vulnerability Management Tool
Can be used to analyse application, source code, byte code, and binaries for coding and design conditions. Key elements of the Checkmarx dashboard can be split into two sections, namely scan, statistics and scan trends.
Verified
CxSAST - A great static software analyzer
CxSAST has several very important advantages. The first is that the code is scanned before it is even compiled; this means that the developers can scan and fix while they are still in the coding process. Second, CxSAST fully integrates in any DevOps process. Scanning and reporting will be done from within the screens developers work in, so no unnecessary switching between screens (see extension CxFlow). Next to that, the rules (or queries) are open: everyone can see them, or an organisation can tailor them to their own need. If needed, an FP-free setup can be created! V9.3 now enables installation of the engines on Linux; you can dockerize the stuff. Last but not least, CxSAST can be set up with additions such as CX-SCA (open-source analysis) and CX-IAST (passive IAST scanning).
Verified
Super expensive but also feels outdated
Overall I did not enjoy using it.
Verified
Checkmarx a strong and reliable competitor
It has been a good experience; the support is fast and reliable. The tool works as expected and you can use the API integration to go even further.
Verified
Gives a full 360 degree view of vulnerabilities in static code
My personal overall experience with SAST is positive. I like that I can tweak queries myself and if there is something I can't do, support is just a phone call/ticket away. They respond to all inquiries very quickly.