No more typing reviews! Try our Samantha, our new voice AI agent.

Apiiro vs Checkmarx Software Composition Analysis comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Apiiro
Ranking in Software Composition Analysis (SCA)
19th
Average Rating
8.0
Reviews Sentiment
5.9
Number of Reviews
3
Ranking in other categories
Static Application Security Testing (SAST) (27th), API Security (17th), Software Supply Chain Security (11th), Risk-Based Vulnerability Management (21st), Application Security Posture Management (ASPM) (11th)
Checkmarx Software Composit...
Ranking in Software Composition Analysis (SCA)
12th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
13
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Software Composition Analysis (SCA) category, the mindshare of Apiiro is 2.4%, up from 2.0% compared to the previous year. The mindshare of Checkmarx Software Composition Analysis is 2.7%, up from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA) Mindshare Distribution
ProductMindshare (%)
Checkmarx Software Composition Analysis2.7%
Apiiro2.4%
Other94.9%
Software Composition Analysis (SCA)
 

Featured Reviews

Kunal M - PeerSpot reviewer
Capability Center Leader, ETRM Platforms at Shell
Comprehensive risk analysis helps identify key performance trends but report access needs improvement
My first feedback for Apiiro is that it is very slow, extremely slow. The moment I select from the entire list of repositories in my vertical, which is almost more than 400 repositories, it takes a lot of time for me to load the report. Sometimes it fails. I do not have Role-Based Access Control (RBAC). It's only given to the application security team, and Apiiro as a vendor does not have the rollback access control enabled for the clients, so that would have given me access to the reports tab, which would have made my life easier. Currently, I have to go to the risks tab to pull out all this information. I started exploring dashboards with Copilot. I need to reach out to the Apiiro teams to see if I can get an access token so that I can pull out a Power BI dashboard. I think Apiiro definitely has its own capabilities, but if there are access tokens that teams can use to build a custom dashboard, that would be great. This might already exist, but that is something which will ease the vulnerability management day-to-day activities.
Tharindu Malwenna - PeerSpot reviewer
Senior Application Security Engineer at a newspaper with 5,001-10,000 employees
Efficient library identification and upgrade suggestions improve application security
We have many third-party libraries in our organization. I used Checkmarx Software Composition Analysis to identify all the libraries we use and determine whether they are used or unused within the application Checkmarx Software Composition Analysis provides identification of libraries and…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The workflow automation is likely the best aspect of the solution."
"The positive impact I have seen from working with Apiiro for my company includes the metrics that we get from Apiiro, which have been extremely helpful."
"Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"It is very easy and user friendly. It never requires any kind of technical support. You can do everything on your own."
"The tool's visual scan analysis shows me all the libraries' vulnerabilities and license types. It helps identify the most complex issues with licenses. It provides good visibility. SCA shows me all libraries that are vulnerable and the extent of their vulnerability."
"What's most valuable in Checkmarx Software Composition Analysis is that it provides security from the start. In the traditional approach, an enterprise or company validates the solution before launching to a production environment, but in the modern approach, security must be checked and provided from the beginning and from the design, and this is where Checkmarx Software Composition Analysis comes in. The solution helps you make sure that every open-source application that you use is secure, and that there's no vulnerability inside that open-source application."
"It has improved identification capabilities, scalability, and integration with AI, such as the AI-powered suggestions."
"We were able to reduce the number of vulnerable libraries by 50%, leading to significant operational improvement."
"One of the strong points of this solution is that it allows you to incorporate it into a CICB pipeline. It has the ability to do incremental scans. If you scan a very large application, it might take two hours to do the initial scan. The subsequent scans, as people are making changes to the app, scan the Delta and are very fast. That's a really nice implementation. The way they have incorporated the functionality of the incremental scans is something to be aware of. It is quite good. It has been very solid. We haven't really had any issues, and it does what it advertises to do very nicely."
"The product is stable and scalable."
"What's most valuable in Checkmarx Software Composition Analysis is its ability to identify vulnerabilities in open-source components, especially if some critical issues exist."
 

Cons

"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"My first feedback for Apiiro is that it is very slow, extremely slow."
"User management is a little bit clunky."
"I would rate the scalability a seven out of ten."
"API security is an area with shortcomings that needs improvement."
"Personally, I currently use it as a standalone tool without integrating it with other systems, and it meets my needs adequately. As a suggestion, I request on considering to add a "what if" feature to the application. Currently, when the tool identifies issues and suggests updates, if I want to explore different scenarios, I need to prepare another file, turn it into a ZIP, and run the analysis again. It would be more convenient if there was a "what if" option in the GUI. This feature could simulate a run, allowing me to quickly check the impact of changing one or more files or versions without the need for a full rerun."
"Some of the recommendations provided by the product are generic. Even if the recommendations provided by the product are of low level, the appropriate ones can help users deal with vulnerabilities."
"I have received complaints from my customers that the pricing could be improved."
"Instant updates for end users to identify vulnerabilities as soon as possible will make Checkmarx Software Composition Analysis better. The UI of the solution could also be improved."
"It can have better licensing models."
"The performance of Checkmarx Software Composition Analysis also needs improvement because sometimes, it's slow, and in particular, scanning could take several hours."
 

Pricing and Cost Advice

Information not available
"Pricing for Checkmarx Software Composition Analysis needs to be competitive."
"The license model is somewhat perplexing as it comprises multiple aspects that can be confusing for customers. The model is determined by the number of registered users and the number of projects being scanned, along with a third component that adds to the complexity."
"My customers need to pay for the licensing part, and they need to opt for an annual subscription."
"We don't have a license. The usage is limited to one, two, three, five, or ten people. It is currently used for all projects, and there are plans to increase its usage."
"It is a little bit high priced. It would be better if it was a little less expensive."
report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Manufacturing Company
11%
Construction Company
8%
Energy/Utilities Company
7%
Financial Services Firm
20%
Construction Company
9%
Manufacturing Company
8%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business7
Large Enterprise8
 

Questions from the Community

What needs improvement with Apiiro?
One area Apiiro could improve is reporting customization and dashboard flexibility with more advanced filtering and easier communication.
What is your primary use case for Apiiro?
Apiiro is primarily used for code scanning and integration with source code control. The main use cases include code scanning and code snippet analysis. Apiiro provides security and visibility by h...
What advice do you have for others considering Apiiro?
I would highly recommend Apiiro and a clear understanding of the API landscape and integration requirements before implementing it. Apiiro provides the most value to organizations that have multipl...
What is your experience regarding pricing and costs for Checkmarx Software Composition Analysis?
Pricing is complex and high for small organizations but offers great benefits for larger organizations. It is notably different compared to competitors like GitHub Advanced Security.
What needs improvement with Checkmarx Software Composition Analysis?
The solution could improve by determining the success factor of an upgrade, which is currently lacking.
What is your primary use case for Checkmarx Software Composition Analysis?
We have many third-party libraries in our organization. I used Checkmarx Software Composition Analysis to identify all the libraries we use and determine whether they are used or unused within the ...
 

Also Known As

Apiiro Control Plane (ASOC), Apiiro API Security (SAST), Apiiro Open Source (SCA)
CxSCA
 

Overview

 

Sample Customers

Morgan Stanley, Rakuten, Jack Henry, SoFi, Colgate, Navan
AXA, Liveperson, Aaron's, Playtech, Morningstar
Find out what your peers are saying about Apiiro vs. Checkmarx Software Composition Analysis and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.