We performed a comparison between Checkmarx One and Fortify Software Security Center based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."The most valuable feature for me is the Jenkins Plugin."
"The most valuable feature is the simple user interface."
"The setup is fairly easy. We didn't struggle with the process at all."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"The value you can get out of the speedy production may be worth the price tag."
"It shows in-depth code of where actual vulnerabilities are."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"You can easily download the tool's rule packs and update them."
"This is a stable solution at the end of the day."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"The solution's user interface could be improved because it seems outdated."
"Checkmarx could improve the REST APIs by including automation."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"Fortify Software Security Center's setup is really painful."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
More Fortify Software Security Center Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Fortify Software Security Center is ranked 27th in Application Security Testing (AST) with 3 reviews. Checkmarx One is rated 7.6, while Fortify Software Security Center is rated 7.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortify Software Security Center is most compared with Fortify on Demand, Tricentis Tosca and Fortify WebInspect.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.