We performed a comparison between Checkmarx One and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Less false positive errors as compared to any other solution."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"Scan reviews can occur during the development lifecycle."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"The most valuable feature is the simple user interface."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The solution is quite helpful for session management and configuration."
"It was easy to learn."
"You can download different plugins if you don't have them in the standard edition."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"Enables automation of different tasks such as authorization testing."
"The solution has a pretty simple setup."
"The most valuable feature is the application security. It also has a reasonable price."
"Its user interface could be improved and made more friendly."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"The solution sometimes reports a false auditable code or false positive."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"The pricing can get a bit expensive, depending on the company's size."
"Updating and debugging of queries is not very convenient."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"The solution is not easy to set it up. You need a lot of knowledge."
"The price could be better. The rest is fine."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"I am from Brazil. The currency exchange rate from a dollar to a Brazilian Real is quite steep. It is almost six to one. It would be good if it can be sold in the local currency, and its price is cheaper for us."
"We'd like to have more integration potential across all versions of the product."
"PortSwigger Burp Suite Professional could improve the static code review."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
"As with most automated security tools, too many false positives."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while PortSwigger Burp Suite Professional is ranked 10th in Application Security Tools with 57 reviews. Checkmarx One is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Fortify on Demand. See our Checkmarx One vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.