We performed a comparison between Checkmarx One and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI is very intuitive and simple to use."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"One of the most valuable features is it is flexible."
"It has all the features we need."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The administration in Checkmarx is very good."
"The initial setup is simple."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"You can scan any number of applications and it updates its database."
"The solution scans web applications and supports APIs, which are the main features I really like."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"PortSwigger Burp Suite Professional has an intercept tab that helps us to scan our APIs, set the response, and request errors."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"Updating and debugging of queries is not very convenient."
"Meta data is always needed."
"The reports are good, but they still need to be improved considering what the UI offers."
"If it is a very large code base then we have a problem where we cannot scan it."
"Implementing a blackout time for any user or teams: Needs improvement."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"Mitigating the issues and low confluence issues needs some improvement. Implementing demand with the ChatGPT under the web solution is an additional feature I would like to see in the next release."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"The scanner and crawler need to be improved."
"The reporting needs to be improved; it is very bad."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"The Burp Collaborator needs improvement. There also needs to be improved integration."
"PortSwigger Burp Suite Professional could improve the static code review."
"Sometimes the solution can run a little slow."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Checkmarx One is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Rapid7 InsightAppSec. See our Checkmarx One vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.