We performed a comparison between Checkmarx One and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is scalable, but other solutions are better."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"Scan reviews can occur during the development lifecycle."
"The value you can get out of the speedy production may be worth the price tag."
"One of the most valuable features is it is flexible."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"I like that it's stable and technical support is great."
"Attacking feature: Actually, attacking is not a solo feature. It contains many attack engines, Hawk, and many properties. But Netsparker's attacking mechanism is very flexible. This increases the vulnerability detection rate. Also, Netsparker made the Hawk for real-time interactive command-line-based exploit testing. It's very valuable for a vulnerability scanner."
"The solution generates reports automatically and quickly."
"Invicti is a good product, and its API testing is also good."
"Its ability to crawl a web application is quite different than another similar scanner."
"The most valuable feature of Invicti is getting baseline scanning and incremental scan."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"The solution sometimes reports a false auditable code or false positive."
"They could work to improve the user interface. Right now, it really is lacking."
"The cost per user is high and should be reduced."
"Implementing a blackout time for any user or teams: Needs improvement."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"The support's response time could be faster since we are in different time zones."
"The custom attack preparation screen might be improved."
"The scannings are not sufficiently updated."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"Right now, they are missing the static application security part, especially web application security."
"Maybe the ability to make a good reporting format is needed."
"The solution's false positive analysis and vulnerability analysis libraries could be improved."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. Checkmarx One is rated 7.6, while Invicti is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Synopsys Defensics. See our Checkmarx One vs. Invicti report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.