We performed a comparison between Checkmarx One and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"It is a stable product."
"I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"It scans all the components developed within a web application."
"I would say that it is stable, as I am not aware of any major issues."
"The initial deployment is very straightforward and simple. The product is stable if configured properly."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"It is really accurate and the rate of false positives is very low."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
"Micro-services need to be included in the next release."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"Checkmarx is not good because it has too many false positive issues."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"Checkmarx needs to be more scalable for large enterprise companies."
"Implementing a blackout time for any user or teams: Needs improvement."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"The tech support is responsive but issues remain unresolved."
"Support response times are slow and can be improved."
"The dashboard and interface are crucial and they need some improvement."
"It needs better integration with mobile applications."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
"The enterprise interface is too simple. It should be more customizable."
"There are some glitches with stability, and it is an area for improvement."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews. Checkmarx One is rated 7.6, while Rapid7 AppSpider is rated 7.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Veracode. See our Checkmarx One vs. Rapid7 AppSpider report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.