Try our new research platform with insights from 80,000+ expert users

Cequence Security vs Checkmarx One comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cequence Security
Ranking in Application Security Tools
24th
Ranking in API Security
6th
Average Rating
10.0
Reviews Sentiment
5.4
Number of Reviews
1
Ranking in other categories
Bot Management (5th)
Checkmarx One
Ranking in Application Security Tools
3rd
Ranking in API Security
3rd
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
70
Ranking in other categories
Static Application Security Testing (SAST) (3rd), Vulnerability Management (21st), Static Code Analysis (2nd), DevSecOps (2nd), Risk-Based Vulnerability Management (8th)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of Cequence Security is 0.1%, up from 0.1% compared to the previous year. The mindshare of Checkmarx One is 10.7%, down from 15.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

reviewer2395431 - PeerSpot reviewer
Detect and mitigate attacks with API protection
Compliance with standards like those in Europe often requires ensuring that APIs adhere to OAuth and other security protocols. Many organizations need to verify that their APIs meet these compliance requirements. We can include information about where an API was first recorded and create a detailed chart. Some competitors already offer this feature. It is simple to integrate. Overall, I rate the solution a ten out of ten.
Rohit Kesharwani - PeerSpot reviewer
Provides good security analysis and security identification within the source code
We integrate Checkmarx into our software development cycle using GitLab's CI/CD pipeline. Checkmark has been the most helpful for us in the development stage. The solution's incremental scanning feature has impacted our development speed. The solution's vulnerability detection is around 80% to 90% accurate. I would recommend Checkmarx to other users because it is one of the good tools for doing security analysis and security identification within the source code. Overall, I rate Checkmarx a nine out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It uses machine learning algorithms to detect attacks and manage API inventory."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The administration in Checkmarx is very good."
"Vulnerability details is valuable."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"The SAST component was absolutely 100% stable."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
 

Cons

"It is expensive."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"We can run only one project at a time."
"The Dynamic Application Security Testing (DAST) feature should be better."
"Checkmarx could improve by reducing the price."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
 

Pricing and Cost Advice

Information not available
"This solution is expensive. The customized package allows you to buy additional users at any time."
"We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."
"I believe pricing is better compared to other commercial tools."
"The solution is costly."
"We're using a commercial version of Checkmarx, and we paid for the solution for one year. The price is high and could be reduced."
"For around 250 users or committers, the cost is approximately $500,000."
"Most of my customers opted for a perpetual license. They prefer to pay the highest amount up front for the perpetual license and then pay for additional support annually."
"It is an expensive solution."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
17%
Educational Organization
8%
Manufacturing Company
7%
Financial Services Firm
21%
Computer Software Company
15%
Manufacturing Company
10%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

How does Cequence Security establish a baseline of normal application behavior and detect anomalies?
Cequence Security employs advanced machine learning and AI techniques to analyze the behavior of our applications in real-time. By continuously monitoring and processing data from user interactions...
What is Cequence Security's API Spartan and how can it help defend our company's infrastructure from bot attacks?
Cequence Security's behavior-based bot defense relies on the industry's largest threat database of bot behaviors, enabling users to track and block automated attacks with unparalleled efficacy rate...
What is API inventory and how does Cequence Security utilize it?
API inventory processes are essential, and Cequence Security recognizes their significance, both from a security and management perspective. The developers of the solution understand that you canno...
What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
 

Also Known As

Cequence ASP, Cequence Unified API Protection Platform
No data available
 

Overview

 

Sample Customers

American Express, Lbrands, Ulta Beauty
YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: March 2025.
845,040 professionals have used our research since 2012.