We performed a comparison between Checkmarx One and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Apart from software scanning, software composition scanning is valuable."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"The setup is fairly easy. We didn't struggle with the process at all."
"Most valuable features include: ease of use, dashboard. interface and the ability to report."
"It shows in-depth code of where actual vulnerabilities are."
"Our static operation security has been able to identify more security issues since implementing this solution."
"The UI is user-friendly."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"PortSwigger Burp Suite Professional has an intercept tab that helps us to scan our APIs, set the response, and request errors."
"The most valuable feature is the application security. It also has a reasonable price."
"The most valuable feature is Burp Collaborator."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"It offers very good accuracy. You can trust the results."
"The solution has a great user interface."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"The pricing can get a bit expensive, depending on the company's size."
"Checkmarx could improve by reducing the price."
"The solution sometimes reports a false auditable code or false positive."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"Checkmarx could be improved with more integration with third-party software."
"Meta data is always needed."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"The solution’s pricing could be improved."
"It would be good if the solution could give us more details about what exactly is defective."
"The use of system memory is an area that can be improved because it uses a lot."
"If we're running a huge number of scans regularly, it slows down the tool."
"I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory."
"The reporting needs to be improved; it is very bad."
"The pricing of the solution is quite high."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Checkmarx One is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Rapid7 InsightAppSec. See our Checkmarx One vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.