We performed a comparison between Acunetix and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There is a lot of documentation on their website which makes setting it up and using it quite simple."
"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"Overall, it's a very good tool and a very good engine."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"Less false positive errors as compared to any other solution."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The administration in Checkmarx is very good."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"Acunetix needs to improve its cost."
"Acunetix needs to include agent analysis."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"Currently only supports web scanning."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"I would like to see the rate of false positives reduced."
"The integration could improve by including, for example, DevSecOps."
"Implementing a blackout time for any user or teams: Needs improvement."
"Its user interface could be improved and made more friendly."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
Acunetix is ranked 5th in DevSecOps with 26 reviews while Checkmarx One doesn't meet the minimum requirements to be ranked in DevSecOps with 67 reviews. Acunetix is rated 7.6, while Checkmarx One is rated 7.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Qualys Web Application Scanning, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and GitLab. See our Acunetix vs. Checkmarx One report.
See our list of best Application Security Testing (AST) vendors, best Vulnerability Management vendors, and best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.