We performed a comparison between Acunetix and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Acunetix is the UI and the scan results are simple."
"I haven't seen reporting of that level in any other tool."
"The usability and overall scan results are good."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"The most valuable feature is that it actually identifies the different criteria you can set to meet whatever standards you're trying to get your system accredited for."
"From my point of view, it is the best product on the market."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The value you can get out of the speedy production may be worth the price tag."
"The most valuable feature is the simple user interface."
"The report function is the solution's greatest asset."
"The solution communicates where to fix the issue for the purpose of less iterations."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"Currently only supports web scanning."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"The solution's pricing could be better."
"The vulnerability identification speed should be improved."
"There are some versions of the solution that are not as stable as others."
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"The validation process needs to be sped up."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"Checkmarx is not good because it has too many false positive issues."
"Checkmarx could be improved with more integration with third-party software."
Acunetix is ranked 5th in DevSecOps with 26 reviews while Checkmarx One doesn't meet the minimum requirements to be ranked in DevSecOps with 67 reviews. Acunetix is rated 7.6, while Checkmarx One is rated 7.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Rapid7 Metasploit, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and GitLab. See our Acunetix vs. Checkmarx One report.
See our list of best Application Security Testing (AST) vendors, best Vulnerability Management vendors, and best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
