• Home
  • Aqua Cloud Security Platform vs. Checkmarx One

Aqua Cloud Security Platform vs Checkmarx One comparison

Cancel
You must select at least 2 products to compare!
Aqua Security Logo
Aqua Cloud Security Platform
Read 16 Aqua Cloud Security Platform reviews
1,556 views|1,054 comparisons
93% willing to recommend
Checkmarx Logo
Checkmarx One
Read 67 Checkmarx One reviews
3,094 views|1,927 comparisons
86% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
DevSecOps
May 2024
Executive Summary

We performed a comparison between Aqua Cloud Security Platform and Checkmarx One based on real PeerSpot user reviews.

Find out what your peers are saying about Snyk, Checkmarx, GitLab and others in DevSecOps.
To learn more, read our detailed DevSecOps Report (Updated: May 2024).
Download the complete report
770,616 professionals have used our research since 2012.
Featured Review
Anonymous User
Provides workload protection and helps identify security misconfigurations, vulnerabilities, and risks
I use it to demonstrate to customers because I'm a sales engineer. Many customers want to protect their workloads and applications. For example,... Read more →
Anonymous User
Responsive support, useful code-checking module, and high availability
Checkmarx detected code sections that did not adhere to best practices. After being informed, the programmers were able to rectify some of the... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the security.""Valuable features include the ability to connect it to our Docker Hub where our images are stored, good integration with Slack, and the connection to the CV, to easily see which CVs are on each image.""The most valuable feature of Aqua Security is the scanner.""From what I understand, the initial setup is simple.""The CSPM product is great at securing our cloud accounts and I really like the runtime protection for containers and functions too.""The container security element of this product has been very valuable to our organization.""We use Aqua Security for the container security features.""Their sandboxing service is also really good."

More Aqua Cloud Security Platform Pros →

"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled.""It is a stable product.""The solution has good performance, it is able to compute in 10 to 15 minutes.""The setup is fairly easy. We didn't struggle with the process at all.""The user interface is excellent. It's very user friendly.""Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before.""The report function is the solution's greatest asset.""Both automatic and manual code review (CxQL) are valuable."

More Checkmarx One Pros →

Cons
"We would like to see an improvement in the overview visibility that this solution offers.""Aqua Security could provide more open documentation so that their learning resources can be more easily accessed and searched through online. Right now, a lot of the documentation is closed and not available to the public.""The solution could improve user-friendliness.""There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management.""They want to release improvements to their product to work with other servers because now there are more focused on the Kubernetes environment. They need to improve the normal servers. I would like to have more options.""Aqua Security lacks a lot in reporting.""In the next release, Aqua Security should add the ability to automatically send reports to customers.""The user interface could be improved, especially in terms of organization and clarity."

More Aqua Cloud Security Platform Cons →

"We can run only one project at a time.""I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service.""When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped.""Checkmarx could improve by reducing the price.""Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?""I would like to see the tool’s pricing improved.""Checkmarx has a slightly difficult compilation with the CI/CD pipeline.""We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."

More Checkmarx One Cons →

Pricing and Cost Advice
  • "They were reasonable with their pricing. They were pretty down-to-earth about the way they pitched their product and the way they tried to close the deal. They were one of the rare companies that approached the whole valuation in a way that made sense for our company, for our needs, and for their own requirements as well... They will accommodate your needs if they are able to understand them and they're stated clearly."
  • "Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle."
  • "Dealing with licensing costs isn't my responsibility, but I know that the licenses don't depend on the number of users, but instead are priced according to your workload."
  • "The pricing of this solution could be improved."
  • "It comes at a reasonable cost."

    • More Aqua Cloud Security Platform Pricing and Cost Advice →

  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."

    • More Checkmarx One Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which DevSecOps solutions are best for your needs.
    See Recommendations
    770,616 professionals have used our research since 2012.
    Questions from the Community
    What do you think of Aqua Security vs Prisma Cloud?
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was… more »
    What do you like most about Aqua Security?
    Top Answer:Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment.
    Read all 13 answers   →
    What is your experience regarding pricing and costs for Aqua Security?
    Top Answer:It comes at a reasonable cost. When compared to Prisma Cloud, it is more budget-friendly.
    Read all 9 answers   →
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Read all 4 answers   →
    What do you like most about Checkmarx?
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Checkmarx?
    Top Answer:The solution's price is high and you pay based on the number of users.
    Read all 25 answers   →
    Ranking
    5th
    out of 15 in DevSecOps
    Views
    1,556
    Comparisons
    1,054
    Reviews
    11
    Average Words per Review
    469
    Rating
    7.7
    2nd
    out of 15 in DevSecOps
    Views
    3,094
    Comparisons
    1,927
    Reviews
    21
    Average Words per Review
    513
    Rating
    7.7
    Comparisons
    Also Known As
    Aqua Security Platform, CloudSploit, Argon
    Learn More
    Aqua Security
    Checkmarx
    Overview

    Aqua Security stops cloud native attacks, preventing them before they happen and stopping them when they happen. Dedicated cloud native threat research and the most loved cloud native security open source community in the world put innovation at your fingertips so you can transform your business. Born cloud native, The Aqua Platform is the most integrated Cloud Native Application Protection Platform (CNAPP), securing from day one and protecting in real-time. Aqua has been stopping real cloud native attacks on hundreds of thousands of production nodes across the world since 2015.

    Aqua Security Features

    Aqua Security has many valuable key features. Some of the most useful ones include:

    • Vulnerability scanning
    • Dynamic threat analysis
    • Automates DevSecOps
    • CI/CD integrations
    • Cloud security posture management
    • Kubernetes security
    • Hybrid and multi-cloud
    • Container security
    • Serverless security
    • VM security
    • Cloud workloads protection

    Aqua Security Benefits

    There are many benefits to implementing Aqua Security. Some of the biggest advantages the solution offers include:

    • Designed for scale and performance: The Aqua Security platform was designed to scale to the largest environments in order to protect huge clusters and massive DevOps pipelines.
    • Empowers DevOps to detect issues early and fix them fast: The solution was designed to help you solve issues immediately - before they cause greater damage to your organization. It helps you gain insight into your vulnerability posture and prioritize remediation and mitigation according to contextual risk.
    • Automated compliance and security posture: Aqua Security checks your cloud services, Infrastructure-as-code templates, and Kubernetes setup against best practices and standards. This way, you can ensure the infrastructure you run your applications on is securely configured and in compliance.
    • Artifact scanning: The Aqua Security platform scans artifacts for vulnerabilities, malware, and other risks during development and staging. It allows you to set flexible and dynamic policies to control deployment into your runtime environments.
    • Minimizes false positives: Aqua Security relies on a variety of sources and proprietary research to curate and present vulnerabilities in the most accurate way, which helps to minimize false positives and unnecessary noise in the pipeline.
    • Automated security testing: The Aqua Security platform automates security testing in your CI/CD pipeline, and continuously scans registries and serverless function stores to detect emerging risks. By implementing the platform, you can get actionable feedback within your CI environments to empower your organization’s developers to fix issues rapidly.
    • Granular controls: The solution provides protection for your VM, container, and serverless workloads using granular controls with instant visibility and real-time detection and response.
    • Sandboxed environment: With Aqua Security, you can run images in a secure sandboxed environment that traces indicators of compromise (IOCs) such as container escapes, reverse shell backdoors, malware drops, code injection backdoors, and network anomalies.

    Reviews from Real Users

    Lizeth Z., Cloud Security Specialist at Telstra, says, “Aqua Security is the most advanced solution in the market for container security. Aqua Security allows us to check for vulnerabilities in the CI/CD pipeline, so application teams can remediate issues before going into production. Aqua Security helps us to check the vulnerability of image assurance and check for malware.”

    Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

    Checkmarx One offers comprehensive application scanning across the SDLC:

    • Static Application Security Testing (SAST)
    • Software Composition Analysis (SCA)
    • API security
    • Dynamic Application Security Testing (DAST)
    • Container security
    • IaC security
    • Correlation, prioritization, and risk management
    • Codebashing secure code training
    • AI security
    • Tech partnerships extending AppSec into runtime analysis
    • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

    Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

    Sample Customers
    HPE Salesforce Telstra Ellie Mae Cathay Pacific HomeAway
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    Top Industries
    REVIEWERS
    Computer Software Company43%
    Comms Service Provider14%
    Insurance Company14%
    Financial Services Firm14%
    VISITORS READING REVIEWS
    Financial Services Firm22%
    Computer Software Company16%
    Manufacturing Company11%
    Government6%
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Insurance Company5%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise6%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise11%
    Large Enterprise70%
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise72%
    Buyer's Guide
    DevSecOps
    May 2024
    Download Free Report
    Find out what your peers are saying about Snyk, Checkmarx, GitLab and others in DevSecOps. Updated: May 2024.
    DOWNLOAD NOW
    770,616 professionals have used our research since 2012.

    Aqua Cloud Security Platform is ranked 5th in DevSecOps with 16 reviews while Checkmarx One is ranked 2nd in DevSecOps with 67 reviews. Aqua Cloud Security Platform is rated 8.0, while Checkmarx One is rated 7.6. The top reviewer of Aqua Cloud Security Platform writes "Reliable with good container scanning and a straightforward setup". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Aqua Cloud Security Platform is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Snyk, Red Hat Advanced Cluster Security for Kubernetes and SUSE NeuVector, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity.

    See our list of best DevSecOps vendors.

    We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.