We performed a comparison between Amazon Inspector and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"The automated vulnerability detection aspect is most valuable."
"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"The solution is scalable, but other solutions are better."
"Most valuable features include: ease of use, dashboard, interface and the ability to report."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"I would like to see the DAST solution in the future."
"Checkmarx could improve the REST APIs by including automation."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
Amazon Inspector is ranked 25th in Vulnerability Management with 4 reviews while Checkmarx One is ranked 11th in Vulnerability Management with 67 reviews. Amazon Inspector is rated 7.8, while Checkmarx One is rated 7.6. The top reviewer of Amazon Inspector writes "Primarily focuses on security of EC2 instances, provides point-in-time assessments rather than real time protection but provides automated vulnerability detection". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Amazon Inspector is most compared with Tenable Vulnerability Management, Tenable Nessus, Microsoft Defender for Cloud, Tenable Cloud Security and JFrog Xray, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.