We performed a comparison between Apiiro and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"The workflow automation is likely the best aspect of the solution."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"It has all the features we need."
"The user interface is excellent. It's very user friendly."
"The report function is the solution's greatest asset."
"The most valuable feature is the application tracking reporting."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"User management is a little bit clunky."
"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"The cost per user is high and should be reduced."
"We have received some feedback from our customers who are receiving a large number of false positives."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"Its user interface could be improved and made more friendly."
"Checkmarx could improve the speed of the scans."
"I would like to see the DAST solution in the future."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
Apiiro is ranked 21st in Static Application Security Testing (SAST) with 2 reviews while Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews. Apiiro is rated 8.6, while Checkmarx One is rated 7.6. The top reviewer of Apiiro writes "A great secrets detection feature, good visibility, and integrates well". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Apiiro is most compared with Snyk, Ox Security, Cycode and SonarQube, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity. See our Apiiro vs. Checkmarx One report.
See our list of best Static Application Security Testing (SAST) vendors, best API Security vendors, and best Risk-Based Vulnerability Management vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.