We performed a comparison between Checkmarx One and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The setup is fairly easy. We didn't struggle with the process at all."
"Vulnerability details is valuable."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The initial setup is simple."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"The suite testing models are very good. It's very secure."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"The solution sometimes reports a false auditable code or false positive."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"The cost per user is high and should be reduced."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"Checkmarx could improve by reducing the price."
"Meta data is always needed."
"The reports are good, but they still need to be improved considering what the UI offers."
"The validation process needs to be sped up."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"The solution lacks sufficient stability."
"The reporting needs to be improved; it is very bad."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"The solution’s pricing could be improved."
"PortSwigger Burp Suite Professional could improve the static code review."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while PortSwigger Burp Suite Professional is ranked 10th in Application Security Tools with 57 reviews. Checkmarx One is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Fortify on Demand. See our Checkmarx One vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.