We performed a comparison between Checkmarx One and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution allows us to create custom rules for code checks."
"The only thing I like is that Checkmarx does not need to compile."
"The UI is user-friendly."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"One of the most valuable features is it is flexible."
"The UI is very intuitive and simple to use."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"The solution is stable."
"Enables automation of different tasks such as authorization testing."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"The solution helped us discover vulnerabilities in our applications."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"The initial setup is simple."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"They could work to improve the user interface. Right now, it really is lacking."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"Its user interface could be improved and made more friendly."
"Checkmarx is not good because it has too many false positive issues."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"The validation process needs to be sped up."
"I would like to see the rate of false positives reduced."
"Sometimes the solution can run a little slow."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"If your application uses multi-factor authentication, registration management cannot be automated."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"The tool is very expensive."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Checkmarx One is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Rapid7 InsightAppSec. See our Checkmarx One vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.