We performed a comparison between Checkmarx One and Contrast Security Protect based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"We use the solution for dynamic application testing."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The most valuable feature for me is the Jenkins Plugin."
"We use the solution to validate the source code and do SAST and security analysis."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"Protect provides us with more in-depth visibility into ongoing attacks."
"The solution has excellent real-time capabilities."
"The product gives a few false positives. We get 99 percent true positives."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"The validation process needs to be sped up."
"Checkmarx could be improved with more integration with third-party software."
"We can run only one project at a time."
"I would like to see the tool’s pricing improved."
"The cost per user is high and should be reduced."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"Contrast Security Protect needs to improve integration."
"There's room for improvement in the initial setup."
"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Contrast Security Protect is ranked 32nd in Application Security Tools with 3 reviews. Checkmarx One is rated 7.6, while Contrast Security Protect is rated 8.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Contrast Security Protect writes "It provides us with more in-depth visibility into ongoing attacks". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Contrast Security Protect is most compared with SonarQube, Fortify on Demand, Snyk, Tenable.io Web Application Scanning and Sonatype Lifecycle. See our Checkmarx One vs. Contrast Security Protect report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
