We performed a comparison between Acunetix and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"I haven't seen reporting of that level in any other tool."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"Overall, it's a very good tool and a very good engine."
"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"The solution is highly stable."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"It is a stable product."
"Scan reviews can occur during the development lifecycle."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"Acunetix needs to improve its cost."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"Implementing a blackout time for any user or teams: Needs improvement."
"We have received some feedback from our customers who are receiving a large number of false positives."
"The integration could improve by including, for example, DevSecOps."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"Updating and debugging of queries is not very convenient."
"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
Acunetix is ranked 6th in DevSecOps with 26 reviews while Checkmarx One is ranked 2nd in DevSecOps with 67 reviews. Acunetix is rated 7.6, while Checkmarx One is rated 7.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Rapid7 Metasploit, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and GitHub. See our Acunetix vs. Checkmarx One report.
See our list of best Application Security Testing (AST) vendors, best Vulnerability Management vendors, and best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
