Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs Fortify Software Security Center comparison

Checkmarx and OpenText are both solutions in the Static Application Security Testing (SAST) category. Checkmarx is ranked #3 with an average rating of 7.9, while OpenText is ranked #27 with an average rating of 8.5. Checkmarx holds a 12.8% mindshare in SAST, compared to OpenText’s 0.3% mindshare. Additionally, 86% of Checkmarx users are willing to recommend the solution, compared to 100% of OpenText users who would recommend it.
Checkmarx One
Read 70 Checkmarx One reviews
  • 26,318 Views
  • 17,016 Comparison Views
86% willing to recommend
Fortify Software Security C...
Read 4 Fortify Software Security Center reviews
  • 421 Views
  • 336 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Fortify Software Security Center and Checkmarx One are two prominent solutions competing in application security. Checkmarx One appears to have the upper hand due to its comprehensive features and ease of use.

Features: Fortify offers comprehensive vulnerability coverage, numerous integration options, and strong support. Checkmarx One is known for its intuitive functionality, robust scanning capabilities, and support for multiple programming languages.

Room for Improvement: Fortify users point out the need for improved reporting, faster scanning speeds, and enhanced analytics. Checkmarx One could benefit from better scan accuracy, a more user-friendly installation, and further optimization of its accuracy.

Ease of Deployment and Customer Service: Fortify's deployment is stable but has a steep learning curve. Customer service is proactive yet needs faster response times. Checkmarx One offers a smoother deployment and consistent customer support.

Pricing and ROI: Fortify has a manageable initial setup cost, though its ROI is questioned due to optimization time. Checkmarx One is more expensive but justifies its ROI with streamlined processes and faster integration.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Checkmarx One vs. Fortify Software Security Center Report (Updated: October 2024).
Buyer's Guide
Checkmarx One vs. Fortify Software Security Center
October 2024
Download the complete report
Helped 814,649 peers since 2012
 

Categories and Ranking

Checkmarx One
Ranking in Static Application Security Testing (SAST)
3rd
Average Rating
7.6
Reviews Sentiment
7.9
Number of Reviews
70
Ranking in other categories
Application Security Tools (3rd), Vulnerability Management (16th), Static Code Analysis (2nd), API Security (2nd), DevSecOps (2nd), Risk-Based Vulnerability Management (5th)
Fortify Software Security C...
Ranking in Static Application Security Testing (SAST)
27th
Average Rating
7.8
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Static Application Security Testing (SAST) category, the mindshare of Checkmarx One is 12.8%, down from 13.8% compared to the previous year. The mindshare of Fortify Software Security Center is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
 

Featured Reviews

Rohit Kesharwani - PeerSpot reviewer
Feb 19, 2024
Provides good security analysis and security identification within the source code
We use the solution to validate the source code and do SAST and security analysis. Checkmarx dynamics code analysis improved our software security posture by showcasing vulnerabilities within the code and identifying or providing recommendations on how to improve The solution's user interface…
Read full review
Kibeom Kim - PeerSpot reviewer
Jun 11, 2024
Has a good collaboration function and is a centralized software solution
We use the product to scan results, store and display data from Azure, identify scan results, analyze, report, and access company data The platform's most effective for identifying vulnerabilities features are the Fortify audit workbench and the collaboration module, which allow developers and…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"One of the most valuable features is it is flexible."
"Vulnerability details is valuable."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"From my point of view, it is the best product on the market."
More Checkmarx One pros
"Fortify Analytics' AI function helps scan and provides more detailed explanations and recommendations about vulnerabilities."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"This is a stable solution at the end of the day."
"You can easily download the tool's rule packs and update them."
 

Cons

"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"I would like to see the DAST solution in the future."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"Meta data is always needed."
"They could work to improve the user interface. Right now, it really is lacking."
"We can run only one project at a time."
"The cost per user is high and should be reduced."
"Checkmarx needs to be more scalable for large enterprise companies."
More Checkmarx One cons
"Fortify Software Security Center's setup is really painful."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"The product's overlap feature is restrictive and requires more customization efforts, which can be expensive."
"We are having issues with false positives that need to be resolved."
 

Pricing and Cost Advice

"The solution's price is high and you pay based on the number of users."
"Checkmarx is comparatively costlier than other products, which is why some of the customers feel reluctant to go for it, though performance-wise, Checkmarx can compete with other products."
"We have a subscription license that is on a yearly basis, and it's a pretty competitive solution."
"It is a good product but a little overpriced."
"Before implementing the product I would evaluate if it is really necessary to scan so many different languages and frameworks. If not, I think there must be a cheaper solution for scanning Java-only applications (which are 90% of our applications)."
"We have purchased an annual license to use this solution. The price is reasonable."
"I would rate the solution’s pricing an eight out of ten. The tool’s pricing is higher than others and it is for the license alone."
"The average deal size was usually anywhere between $120K to $175K on an annual basis, which could be divided across 12 months."
More Checkmarx One pricing and cost advice
"As a Fortify partner company providing technical support, I find the product expensive in our country, where local, inexpensive products are available."
"This is a costly solution that could be cheaper."
"The solution is priced fair."
report
See which vendors are best for you
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
See recommendations
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
21%
Computer Software Company
15%
Manufacturing Company
10%
Government
5%
Manufacturing Company
20%
Financial Services Firm
14%
Computer Software Company
10%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
See all answers
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
See all answers
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
See all answers
What do you like most about Micro Focus Software Security Center?
You can easily download the tool's rule packs and update them.
See all answers
What is your experience regarding pricing and costs for Micro Focus Software Security Center?
As a Fortify partner company providing technical support, I find the product expensive in our country, where local, inexpensive products are available. I would rate the pricing a seven.
See all answers
What needs improvement with Micro Focus Software Security Center?
The product's overlap feature is restrictive and requires more customization efforts, which can be expensive.
See all answers
 

Comparisons

SonarQube Server (formerly SonarQube) vs Checkmarx One Logo
SonarQube Server (formerly SonarQube) vs Checkmarx One
Compared 50% of the time
Veracode vs Checkmarx One Logo
Veracode vs Checkmarx One
Compared 14% of the time
Fortify on Demand vs Checkmarx One Logo
Fortify on Demand vs Checkmarx One
Compared 6% of the time
Coverity vs Checkmarx One Logo
Coverity vs Checkmarx One
Compared 4% of the time
Snyk vs Checkmarx One Logo
Snyk vs Checkmarx One
Compared 4% of the time
More Checkmarx One Competitors
Fortify on Demand vs Fortify Software Security Center Logo
Fortify on Demand vs Fortify Software Security Center
Compared 62% of the time
Acunetix vs Fortify Software Security Center Logo
Acunetix vs Fortify Software Security Center
Compared 20% of the time
More Fortify Software Security Center Competitors
 

Product Reports

Buyer's Guide
Checkmarx One
November 2024
Checkmarx One reportDownload Checkmarx One product report
Buyer's Guide
Static Application Security Testing (SAST)
October 2024
Fortify Software Security Center reportDownload Fortify Software Security Center product report
 

Also Known As

No data available
Micro Focus Software Security Center, Application Security Center, HPE Application Security Center, WebInspect
 

Learn More

Checkmarx
OpenText
 

Overview

Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

Checkmarx One offers comprehensive application scanning across the SDLC:

  • Static Application Security Testing (SAST)
  • Software Composition Analysis (SCA)
  • API security
  • Dynamic Application Security Testing (DAST)
  • Container security
  • IaC security
  • Correlation, prioritization, and risk management
  • Codebashing secure code training
  • AI security
  • Tech partnerships extending AppSec into runtime analysis
  • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

Software Security Center enables management, development, and security teams to work together to triage, track, validate, automate, and manage software security activities.
 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Neosecure, Acxiom, Skandinavisk Data Center A/S, Parkeon
Buyer's Guide
Checkmarx One vs. Fortify Software Security Center
October 2024
Free Report: Checkmarx One vs. Fortify Software Security Center
Find out what your peers are saying about Checkmarx One vs. Fortify Software Security Center and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,649 professionals have used our research since 2012.
See our Checkmarx One vs. Fortify Software Security Center report.
See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.