We performed a comparison between Checkmarx and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"The user interface is excellent. It's very user friendly."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"Helps us check vulnerabilities in our SAP Fiori application."
"Vulnerability details is valuable."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"There is no other tool like it. I like the intuitiveness and the plugins that are available."
"The most valuable features are Burp Intruder and Burp Scanner."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"The extension that it provides with the community version for the skills mapping is excellent."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"The initial setup is simple."
"Checkmarx is not good because it has too many false positive issues."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"The reports are good, but they still need to be improved considering what the UI offers."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"Micro-services need to be included in the next release."
"Implementing a blackout time for any user or teams: Needs improvement."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"The technical support team's response time is mostly delayed and should be improved."
"The Burp Collaborator needs improvement. There also needs to be improved integration."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"The number of false positives need to be reduced on the solution."
"The solution is not easy to set it up. You need a lot of knowledge."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Checkmarx is ranked 3rd in Application Security Tools with 67 reviews while PortSwigger Burp Suite Professional is ranked 12th in Application Security Tools with 54 reviews. Checkmarx is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Checkmarx writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Checkmarx is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Rapid7 InsightAppSec. See our Checkmarx vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.