We performed a comparison between Checkmarx One and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the simple user interface."
"The solution communicates where to fix the issue for the purpose of less iterations."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The most valuable feature for me is the Jenkins Plugin."
"The user interface is excellent. It's very user friendly."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"The setup is fairly easy. We didn't struggle with the process at all."
"It works with many different products."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"It is a very stable solution."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"The vulnerability management feature is a strong one. And also the patch management feature."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"The validation process needs to be sped up."
"Micro-services need to be included in the next release."
"Checkmarx is not good because it has too many false positive issues."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"Checkmarx could be improved with more integration with third-party software."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"The reporting contains too many false positives."
"There should be better visibility into the application."
"It should have better automatic reporting."
"The pricing does not seem to be competitive."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"Deployment can be complicated."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"The scanner reports a lot of false positives, which is something that needs to be improved."
More Qualys Web Application Scanning Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. Checkmarx One is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Snyk. See our Checkmarx One vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.