Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs CrowdStrike Falcon Cloud Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Checkmarx One
Ranking in Application Security Tools
3rd
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
70
Ranking in other categories
Static Application Security Testing (SAST) (3rd), Vulnerability Management (21st), Static Code Analysis (2nd), API Security (3rd), DevSecOps (2nd), Risk-Based Vulnerability Management (8th)
CrowdStrike Falcon Cloud Se...
Ranking in Application Security Tools
13th
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
29
Ranking in other categories
Container Security (6th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), Cloud-Native Application Protection Platforms (CNAPP) (7th), Cloud Infrastructure Entitlement Management (CIEM) (2nd), Application Security Posture Management (ASPM) (5th)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of Checkmarx One is 10.7%, down from 15.1% compared to the previous year. The mindshare of CrowdStrike Falcon Cloud Security is 0.8%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Rohit Kesharwani - PeerSpot reviewer
Provides good security analysis and security identification within the source code
We integrate Checkmarx into our software development cycle using GitLab's CI/CD pipeline. Checkmark has been the most helpful for us in the development stage. The solution's incremental scanning feature has impacted our development speed. The solution's vulnerability detection is around 80% to 90% accurate. I would recommend Checkmarx to other users because it is one of the good tools for doing security analysis and security identification within the source code. Overall, I rate Checkmarx a nine out of ten.
Saif Ullah Khan - PeerSpot reviewer
Boosts security by automatically blocking applications or activities, but query responses have been slower recently
For the past six months, we have been facing some issues. Because it is a cloud-based infrastructure, it has been getting slower. There are no bugs because they release updates continuously. We highly appreciate that, but during hunting or running a query on different logs, the time frame has increased in the past six months. It takes longer to give us the results. Another issue is the lack of proper documentation. During investigations, there is no proper documentation available. This is a problem because many people are saying there should be proper documentation explaining what CrowdStrike captures from the machine and the meaning of it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The administration in Checkmarx is very good."
"The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"The user interface is excellent. It's very user friendly."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"The only thing I like is that Checkmarx does not need to compile."
"The most valuable features are the real-time response, which allows me to log into a machine to pull files and check signatures for malicious activities, and the ability to restrict USB block storage usage on endpoints by policy."
"The most valuable features of CrowdStrike Falcon Cloud Security are Cloud Security Posture Management and Cloud Workload Protection, offering more visibility and protection across our cloud environment."
"Cloud security is one valuable feature. Spotlight is the other one. There is also vulnerability management and a couple of more features."
"It helps us by automatically blocking certain applications or activities."
"The most valuable features of CrowdStrike Falcon include its automation capabilities, efficacy, and lower risk."
"Technical support is helpful."
"We like the solution's management and monitoring tools for our network. We use it to monitor our network between workstations and outside our organization. The AI provides useful visualizations of our network on a dashboard."
"I have contacted customer service, and they are fast."
 

Cons

"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"Its user interface could be improved and made more friendly."
"I would like to see the rate of false positives reduced."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"The cost per user is high and should be reduced."
"I would like to see the DAST solution in the future."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"There should be cloud storage scanning. We would like to have cloud storage vulnerability and threat management on any cloud storage."
"The only challenge lies in token verification."
"The file integrity monitoring feature should be enhanced and offered more control"
"For the past six months, we have been facing some issues. Because it is a cloud-based infrastructure, it has been getting slower."
"The SIEM needs to be more developed."
"The tool is expensive."
"The tool's scalability is low."
"There is room for improvement in the solution's ability to handle Linux systems."
 

Pricing and Cost Advice

"We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."
"The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
"​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
"Checkmarx is comparatively costlier than other products, which is why some of the customers feel reluctant to go for it, though performance-wise, Checkmarx can compete with other products."
"I believe pricing is better compared to other commercial tools."
"It is a good product but a little overpriced."
"We're using a commercial version of Checkmarx, and we paid for the solution for one year. The price is high and could be reduced."
"It is an expensive solution."
"I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive."
"It's an expensive product"
"CrowdStrike Falcon Cloud Security is pricy."
"The price is not too high, it is okay."
"The pricing is fair for what you get. I'd rate them a solid nine out of ten in terms of pricing."
"CrowdStrike Falcon Cloud Security is very expensive for us. Last month, we had a big issue that took much time and money to resolve. It slowed down our business and required our management team to get involved. We had a problem similar to the "Blue Screen of Death" issue many US companies faced. This incident used up many of our IT resources in just a few months. That's why we're looking for a replacement tool now."
"CrowdStrike Falcon is very expensive."
"It is expensive, but it adds value."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
21%
Computer Software Company
15%
Manufacturing Company
10%
Government
5%
Computer Software Company
15%
Financial Services Firm
15%
Manufacturing Company
8%
Insurance Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
What do you like most about CrowdStrike Falcon Cloud Security?
It's easy to gather insights and conduct analysis about existing threats.
What is your experience regarding pricing and costs for CrowdStrike Falcon Cloud Security?
It's an expensive product. The solution costs around $60 for a single user on a yearly basis. I would rate the pricing a four out of ten.
What needs improvement with CrowdStrike Falcon Cloud Security?
I am not part of the current monitoring team, so I do not know how they feel about the tool. I am sharing information related to the tool based on the feedback and on my experience deploying it fou...
 

Also Known As

No data available
CrowdStrike Falcon ASPM
 

Overview

 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Information Not Available
Find out what your peers are saying about Checkmarx One vs. CrowdStrike Falcon Cloud Security and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.