
Checkmarx One vs Rapid7 InsightVM comparison

 

Comparison Buyer's Guide

Executive Summary

Updated on Nov 6, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score: 7.5
Checkmarx One enhances security, speeds delivery, reduces costs, and returns ROI within six months for some users.
Sentiment score: 6.8
Rapid7 InsightVM offers strong ROI and satisfaction by enhancing cybersecurity defenses and effectively managing vulnerabilities and updates.
 

Customer Service

Sentiment score: 7.1
Checkmarx One provides generally positive support, but response delays and unresolved tickets challenge some users, despite skilled assistance.
Sentiment score: 7.0
Rapid7 InsightVM customer service is well-rated, with accessible and knowledgeable support, despite occasional delays and language barriers.
Sometimes support requests coincide with holidays in their support region, causing slight delays.
 

Scalability Issues

Sentiment score: 7.1
Checkmarx One offers strong scalability, supports automation, and manages scan engines, though may face processing time and licensing cost constraints.
Sentiment score: 7.7
Rapid7 InsightVM is highly scalable, easily handling diverse enterprises and environments, with some report and network integration challenges.
According to the environment requirements, we can scale the solution as needed.
 

Stability Issues

Sentiment score: 7.1
Checkmarx One is generally stable, but users report occasional crashes and performance issues, varying stability ratings from 4-10.
Sentiment score: 8.2
Rapid7 InsightVM is highly stable and reliable, with minimal issues, strong integration, and consistently high stability ratings.
We have not faced any issues with stability, and I would rate it a nine out of ten.
The stability of Rapid7 InsightVM is excellent.
 

Room For Improvement

Checkmarx One requires enhancements in false positive reduction, language support, pricing, role management, UI, and support response time.
Rapid7 InsightVM needs enhanced reporting, integration, scanning, customization, API functionality, cloud coverage, pricing, support, and user interface.
Having the ability to build our own audit file, similar to a feature in Tenable, would be beneficial.
The platform could be more intuitive and user-friendly.
 

Setup Cost

Checkmarx One's pricing is costly but justified by its flexibility, competitive pricing, and enhanced security for enterprises.
Rapid7 InsightVM offers flexible, transparent pricing suited for large-scale deployments, with costs from $40,000 to over a million.
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
 

Valuable Features

Checkmarx One offers advanced code analysis, seamless repository integration, and user-friendly features for efficient security testing and vulnerability management.
Rapid7 InsightVM provides robust vulnerability management with dynamic asset tagging, customizable dashboards, and seamless SIEM integration, enhancing remediation efforts.
It's based on the CVSS risk scoring system, which is well-recognized and effective.
We have integrated our SIEM solutions and antivirus with each other through Rapid7.
 

Categories and Ranking

Checkmarx One
Ranking in Risk-Based Vulnerability Management: 8th
Average Rating: 7.6
Reviews Sentiment: 6.9
Number of Reviews: 70
Ranking in other categories: Application Security Tools (3rd), Static Application Security Testing (SAST) (3rd), Vulnerability Management (22nd), Static Code Analysis (2nd), API Security (2nd), DevSecOps (2nd)
Rapid7 InsightVM
Ranking in Risk-Based Vulnerability Management: 4th
Average Rating: 8.0
Reviews Sentiment: 7.0
Number of Reviews: 61
No ranking in other categories
 

Mindshare comparison

As of March 2025, in the Risk-Based Vulnerability Management category, the mindshare of Checkmarx One is 0.5%, up from 0.1% compared to the previous year. The mindshare of Rapid7 InsightVM is 14.2%, up from 14.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Risk-Based Vulnerability Management
 

Featured Reviews

ScottDenton - PeerSpot reviewer
Supports different languages, has excellent support, and easily expands
The interactive application security testing, or IAST, where code scans are being run on an application that lives in a runtime environment on a server or virtual machine, needs improvement. There was limited support for different languages. It didn't support everything under the sun, so you would lose revenue since you didn't have support for Scala or some other language that your developer was fluent in. They needed to improve on language support. That is about it, really. The dev team did everything that they said they were going to do. If they said they were going to hit a mark, they'd hit a mark. That release would come out. Typically, they would do four major releases a year, quarterly, with two-point releases in between, or based on any additional hotfixes that may be needed. In most cases, however, IAST was the part of the product that needed to be improved the most. Codebashing is a really cool product from the aspect of teaching developers how to write secure code. However, it would be even cooler if you could not only point out and teach someone how to do it but also make the appropriate recommendation on how to rewrite the code itself, using machine learning or AI. Instead of you, the developer, learning how to do it and then writing the code yourself, it'd be cooler if you could push a button, have it analyzed, scan the code, find the code, find the issue within the line of code, and then go ahead and automatically rewrite that code for you. Then, by repetition, it just teaches you through muscle memory how to do that as opposed to, "Hey, you've found this problem. This is where the problem's located, within this particular line of code. Right now, do you know how to rewrite Java? Well, if you're not familiar with how to do that, then go push on this button. Now, take this test and go through this exercise." It doesn't make a recommendation. It's not like providing a script that fixes the problem. It's just teaching you how to write the code in that form, in that manner.
Mahmoud Elhamaymy - PeerSpot reviewer
Reliable scanning and integration strengthen security infrastructure
InsightVM has a very organized GUI with ease of use. The vulnerability scans are reliable, and the credential scan is a beneficial feature. The solution is efficient and trustworthy. It's based on the CVSS risk scoring system, which is well-recognized and effective. The integration capabilities through APIs allow easy integration with existing security infrastructure.
841,302 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm: 21%
Computer Software Company: 15%
Manufacturing Company: 10%
Government: 5%

Educational Organization: 43%
Computer Software Company: 9%
Financial Services Firm: 7%
Manufacturing Company: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
 

Also Known As

No data available
InsightVM, NeXpose
 

Overview

 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech
Case Study: Liveperson Implements Innovative Secure SDLC
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Find out what your peers are saying about Checkmarx One vs. Rapid7 InsightVM and other solutions. Updated: January 2025.