We performed a comparison between Checkmarx One and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It gives the proper code flow of vulnerabilities and the number of occurrences."
"Apart from software scanning, software composition scanning is valuable."
"One of the most valuable features is it is flexible."
"The only thing I like is that Checkmarx does not need to compile."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."
"It scans all the components developed within a web application."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"It is really accurate and the rate of false positives is very low."
"I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us."
"I would say that it is stable, as I am not aware of any major issues."
"Its user interface could be improved and made more friendly."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"It is an expensive solution."
"I would like to see the DAST solution in the future."
"This price of this solution is a little bit expensive."
"The enterprise interface is too simple. It should be more customizable."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
"Support response times are slow and can be improved."
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."
"AppSpider has some problems with the RAM needed while scanning."
"Integration could be better."
"It needs better integration with mobile applications."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews. Checkmarx One is rated 7.6, while Rapid7 AppSpider is rated 7.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Cloudflare. See our Checkmarx One vs. Rapid7 AppSpider report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.