We performed a comparison between Checkmarx One and Fortify Software Security Center based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use the solution to validate the source code and do SAST and security analysis."
"The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"The report function is the solution's greatest asset."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"It is a stable product."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"You can easily download the tool's rule packs and update them."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"This is a stable solution at the end of the day."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"The pricing can get a bit expensive, depending on the company's size."
"The integration could improve by including, for example, DevSecOps."
"Implementing a blackout time for any user or teams: Needs improvement."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"Micro-services need to be included in the next release."
"Checkmarx could improve the REST APIs by including automation."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
"Fortify Software Security Center's setup is really painful."
More Fortify Software Security Center Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Fortify Software Security Center is ranked 27th in Static Application Security Testing (SAST) with 3 reviews. Checkmarx One is rated 7.6, while Fortify Software Security Center is rated 7.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortify Software Security Center is most compared with Fortify on Demand, Tricentis Tosca and Fortify WebInspect. See our Checkmarx One vs. Fortify Software Security Center report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.