Try our new research platform with insights from 80,000+ expert users

Aqua Cloud Security Platform vs Checkmarx One comparison

Aqua Security and Checkmarx are both solutions in the Container Security category. Aqua Security holds a 3.0% mindshare in Container Security, compared to Checkmarx’s 2.1% mindshare. Additionally, 93% of Aqua Security users are willing to recommend the solution, compared to 87% of Checkmarx users who would recommend it.
Aqua Cloud Security Platform
Read 16 Aqua Cloud Security Platform reviews
  • 5,459 Views
  • 4,695 Comparison Views
93% willing to recommend
Checkmarx One
Read 71 Checkmarx One reviews
    87% willing to recommend
     

    Comparison Buyer's Guide

    Download the report
    Executive SummaryUpdated on Jan 7, 2025

    Checkmarx One and Aqua Cloud Security Platform compete in the cybersecurity space, focusing on software development and container security, respectively. Based on feature sets, Checkmarx One appears to have an upper hand with its extensive language support and advanced code scanning, whereas Aqua stands out for container security and runtime protection.

    Features: Checkmarx One includes comprehensive code scanning, pinpointing vulnerabilities, and easy integration with diverse repositories and developer tools. It offers support for multiple programming languages and advanced static application security testing capabilities. Aqua Cloud Security Platform emphasizes container and runtime security, providing features like image assurance and sandboxing for open-source tools along with robust runtime protection for containers.

    Room for Improvement: Checkmarx One could benefit from reducing false positives and enhancing custom rule setup. Its pricing model could be more flexible. Aqua Cloud Security Platform might improve its reporting features and simplify its license model. Users often find Aqua's interface and role management confusing, while Checkmarx requires improved support for compiled code.

    Ease of Deployment and Customer Service: Checkmarx One offers varied deployment options, including on-premises and hybrid cloud, supported by a responsive technical team, though occasional delays are reported. Aqua Cloud Security Platform provides similar deployment environments but faces challenges in the consistency of customer service and technical support.

    Pricing and ROI: Checkmarx One is on the higher end of the pricing spectrum but is justified by its extensive features and security assurances, though its licensing may not suit smaller teams due to its rigidity. Aqua Cloud Security Platform offers competitive pricing structured around workload rather than users, making it more budget-friendly. Both platforms offer good ROI, enhancing development security, with Aqua being more cost-effective than Checkmarx.

    DOWNLOAD THE COMPLETE REPORT
    To learn more, read our detailed Aqua Cloud Security Platform vs. Checkmarx One Report (Updated: July 2025).
    Buyer's Guide
    Aqua Cloud Security Platform vs. Checkmarx One
    July 2025
    Download the complete report
    Helped 864,155 peers since 2012

    Review summaries and opinions

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Categories and Ranking

    Aqua Cloud Security Platform
    Ranking in DevSecOps
    8th
    Average Rating
    8.0
    Reviews Sentiment
    6.8
    Number of Reviews
    16
    Ranking in other categories
    Cloud and Data Center Security (12th), Container Security (14th), Cloud Workload Protection Platforms (CWPP) (16th), Cloud-Native Application Protection Platforms (CNAPP) (13th), Software Supply Chain Security (9th)
    Checkmarx One
    Ranking in DevSecOps
    5th
    Average Rating
    7.6
    Reviews Sentiment
    6.9
    Number of Reviews
    71
    Ranking in other categories
    Application Security Tools (3rd), Static Application Security Testing (SAST) (4th), Vulnerability Management (24th), Static Code Analysis (3rd), API Security (5th), Risk-Based Vulnerability Management (9th)
     

    Mindshare comparison

    As of August 2025, in the Container Security category, the mindshare of Aqua Cloud Security Platform is 3.0%, down from 4.7% compared to the previous year. The mindshare of Checkmarx One is 2.1%, down from 3.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
    Container Security
     

    Featured Reviews

    Burak AKCAGUN - PeerSpot reviewer
    A robust and cost-effective solution, excelling in scalability, on-premises support, and responsive technical support, making it well-suited for enterprises navigating stringent regulatory environment
    The most crucial aspect is runtime protection, specifically image scanning before preproduction and deployment. Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment. This feature ensures that customers can identify any potential issues with the image, such as misconfigurations or vulnerabilities, before integrating it into their workloads and infrastructure. In their source pipeline, companies can identify issues before deploying changes. This is crucial because customers prefer resolving any problems or misconfigurations before the deployment process. Software change security, including GSPM Cloud, is a key feature customers seek in their infrastructure.
    Read full review
    Syed Hasan - PeerSpot reviewer
    Partner experiences excellent technical support and seamless initial setup
    In my opinion, if we are able to extract or show the report, and because everything is going towards agent tech and GenAI, it would be beneficial if it could get integrated with our code base and do the fix automatically. It could suggest how the code base is written and automatically populate the source code with three different solution options to choose from. This would be really helpful.
    Read full review

    Quotes from Members

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Pros

    "The most valuable feature is the security."
    "Valuable features include the ability to connect it to our Docker Hub where our images are stored, good integration with Slack, and the connection to the CV, to easily see which CVs are on each image."
    "The DTA, which stands for Dynamic Threat Analysis, allows me to analyze Docker images in a sandbox environment before deployment, helping me anticipate risks."
    "The most helpful feature of Aqua Security is Drift Prevention, which is a feature that allows images to be immutable. In addition, one of the main reasons we went with Aqua Security is because it provides strong protection when it comes to runtime security."
    "We use Aqua Security for the container security features."
    "The container security element of this product has been very valuable to our organization."
    "The most valuable features are that it's easy to use and manage."
    "The most valuable feature of Aqua Security is the scanner."
    More Aqua Cloud Security Platform pros
    "The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
    "The only thing I like is that Checkmarx does not need to compile."
    "The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
    "The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
    "I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
    "From my point of view, it is the best product on the market."
    "The most valuable feature is the simple user interface."
    "Our static operation security has been able to identify more security issues since implementing this solution."
    More Checkmarx One pros
     

    Cons

    "I would like Aqua Security to look into is the development of a web security portal."
    "In the next release, Aqua Security should add the ability to automatically send reports to customers."
    "There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management."
    "The integrations on CICD could be improved. If Aqua had more plugins or container images to integrate and automate more easily on CICD, it would be better."
    "Aqua Security lacks a lot in reporting."
    "Since we are working from home, we would like to have the proper training for Aqua."
    "We would like to see an improvement in the overview visibility that this solution offers."
    "Sometimes I got stressed with the UI."
    More Aqua Cloud Security Platform cons
    "They could work to improve the user interface. Right now, it really is lacking."
    "With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too."
    "Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
    "It would be really helpful if the level of confidence was included, with respect to identified issues."
    "I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service."
    "Checkmarx is not good because it has too many false positive issues."
    "There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
    "We have received some feedback from our customers who are receiving a large number of false positives."
    More Checkmarx One cons
     

    Pricing and Cost Advice

    "The pricing of this solution could be improved."
    "Dealing with licensing costs isn't my responsibility, but I know that the licenses don't depend on the number of users, but instead are priced according to your workload."
    "It comes at a reasonable cost."
    "They were reasonable with their pricing. They were pretty down-to-earth about the way they pitched their product and the way they tried to close the deal. They were one of the rare companies that approached the whole valuation in a way that made sense for our company, for our needs, and for their own requirements as well... They will accommodate your needs if they are able to understand them and they're stated clearly."
    "Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle."
    "The number of users and coverage for languages will have an impact on the cost of the license."
    "Checkmarx is comparatively costlier than other products, which is why some of the customers feel reluctant to go for it, though performance-wise, Checkmarx can compete with other products."
    "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
    "Be cautious of the one-year subscription date. Once it expires, your price will go up."
    "It is an expensive solution."
    "The pricing was not very good. This is just a framework which shouldn’t cost so much."
    "Its price is fair. It is in or around the right spot. Ultimately, if the price is wrong, customers won't commit, but they do tend to commit. It is neither too cheap nor too expensive."
    "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
    More Checkmarx One pricing and cost advice
    report
    See which vendors are best for you
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    See recommendations
    864,155 professionals have used our research since 2012.
     

    Top Industries

    By visitors reading reviews
    Financial Services Firm
    23%
    Computer Software Company
    12%
    Manufacturing Company
    11%
    Government
    9%
    Financial Services Firm
    20%
    Computer Software Company
    14%
    Manufacturing Company
    10%
    Government
    6%
     

    Company Size

    By reviewers
    Large Enterprise
    Midsize Enterprise
    Small Business
     

    Questions from the Community

    What do you think of Aqua Security vs Prisma Cloud?
    Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...
    See all answers
    What do you like most about Aqua Security?
    Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment.
    See all answers
    What is your experience regarding pricing and costs for Aqua Security?
    It comes at a reasonable cost. When compared to Prisma Cloud, it is more budget-friendly.
    See all answers
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    See all answers
    What do you like most about Checkmarx?
    Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    See all answers
    What is your experience regarding pricing and costs for Checkmarx?
    The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
    See all answers
     

    Comparisons

    Prisma Cloud by Palo Alto Networks vs Aqua Cloud Security Platform Logo
    Prisma Cloud by Palo Alto Networks vs Aqua Cloud Security Platform
    Compared 21% of the time
    Wiz vs Aqua Cloud Security Platform Logo
    Wiz vs Aqua Cloud Security Platform
    Compared 17% of the time
    SUSE NeuVector vs Aqua Cloud Security Platform Logo
    SUSE NeuVector vs Aqua Cloud Security Platform
    Compared 5% of the time
    Red Hat Advanced Cluster Security for Kubernetes vs Aqua Cloud Security Platform Logo
    Red Hat Advanced Cluster Security for Kubernetes vs Aqua Cloud Security Platform
    Compared 5% of the time
    Orca Security vs Aqua Cloud Security Platform Logo
    Orca Security vs Aqua Cloud Security Platform
    Compared 5% of the time
    More Aqua Cloud Security Platform Competitors
    SonarQube Server (formerly SonarQube) vs Checkmarx One Logo
    SonarQube Server (formerly SonarQube) vs Checkmarx One
    Compared 39% of the time
    Veracode vs Checkmarx One Logo
    Veracode vs Checkmarx One
    Compared 10% of the time
    Checkmarx SAST vs Checkmarx One Logo
    Checkmarx SAST vs Checkmarx One
    Compared 7% of the time
    OpenText Core Application Security vs Checkmarx One Logo
    OpenText Core Application Security vs Checkmarx One
    Compared 5% of the time
    OWASP Zap vs Checkmarx One Logo
    OWASP Zap vs Checkmarx One
    Compared 5% of the time
    More Checkmarx One Competitors
     

    Product Reports

    Buyer's Guide
    Aqua Cloud Security Platform
    July 2025
    Aqua Cloud Security Platform reportDownload Aqua Cloud Security Platform product report
    Buyer's Guide
    Checkmarx One
    July 2025
    Checkmarx One reportDownload Checkmarx One product report
     

    Also Known As

    Aqua Security Platform, CloudSploit, Argon
    No data available
     

    Overview

    Aqua Security stops cloud native attacks, preventing them before they happen and stopping them when they happen. Dedicated cloud native threat research and the most loved cloud native security open source community in the world put innovation at your fingertips so you can transform your business. Born cloud native, The Aqua Platform is the most integrated Cloud Native Application Protection Platform (CNAPP), securing from day one and protecting in real-time. Aqua has been stopping real cloud native attacks on hundreds of thousands of production nodes across the world since 2015.

    Aqua Security Features

    Aqua Security has many valuable key features. Some of the most useful ones include:

    • Vulnerability scanning
    • Dynamic threat analysis
    • Automates DevSecOps
    • CI/CD integrations
    • Cloud security posture management
    • Kubernetes security
    • Hybrid and multi-cloud
    • Container security
    • Serverless security
    • VM security
    • Cloud workloads protection

    Aqua Security Benefits

    There are many benefits to implementing Aqua Security. Some of the biggest advantages the solution offers include:

    • Designed for scale and performance: The Aqua Security platform was designed to scale to the largest environments in order to protect huge clusters and massive DevOps pipelines.
    • Empowers DevOps to detect issues early and fix them fast: The solution was designed to help you solve issues immediately - before they cause greater damage to your organization. It helps you gain insight into your vulnerability posture and prioritize remediation and mitigation according to contextual risk.
    • Automated compliance and security posture: Aqua Security checks your cloud services, Infrastructure-as-code templates, and Kubernetes setup against best practices and standards. This way, you can ensure the infrastructure you run your applications on is securely configured and in compliance.
    • Artifact scanning: The Aqua Security platform scans artifacts for vulnerabilities, malware, and other risks during development and staging. It allows you to set flexible and dynamic policies to control deployment into your runtime environments.
    • Minimizes false positives: Aqua Security relies on a variety of sources and proprietary research to curate and present vulnerabilities in the most accurate way, which helps to minimize false positives and unnecessary noise in the pipeline.
    • Automated security testing: The Aqua Security platform automates security testing in your CI/CD pipeline, and continuously scans registries and serverless function stores to detect emerging risks. By implementing the platform, you can get actionable feedback within your CI environments to empower your organization’s developers to fix issues rapidly.
    • Granular controls: The solution provides protection for your VM, container, and serverless workloads using granular controls with instant visibility and real-time detection and response.
    • Sandboxed environment: With Aqua Security, you can run images in a secure sandboxed environment that traces indicators of compromise (IOCs) such as container escapes, reverse shell backdoors, malware drops, code injection backdoors, and network anomalies.

    Reviews from Real Users

    Lizeth Z., Cloud Security Specialist at Telstra, says, “Aqua Security is the most advanced solution in the market for container security. Aqua Security allows us to check for vulnerabilities in the CI/CD pipeline, so application teams can remediate issues before going into production. Aqua Security helps us to check the vulnerability of image assurance and check for malware.”

    Aqua Security

    Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

    Checkmarx One offers comprehensive application scanning across the SDLC:

    • Static Application Security Testing (SAST)
    • Software Composition Analysis (SCA)
    • API security
    • Dynamic Application Security Testing (DAST)
    • Container security
    • IaC security
    • Correlation, prioritization, and risk management
    • Codebashing secure code training
    • AI security
    • Tech partnerships extending AppSec into runtime analysis
    • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

    Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

    Checkmarx
     

    Sample Customers

    HPE Salesforce Telstra Ellie Mae Cathay Pacific HomeAway
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    Buyer's Guide
    Aqua Cloud Security Platform vs. Checkmarx One
    July 2025
    Free Report: Aqua Cloud Security Platform vs. Checkmarx One
    Find out what your peers are saying about Aqua Cloud Security Platform vs. Checkmarx One and other solutions. Updated: July 2025.
    DOWNLOAD NOW
    864,155 professionals have used our research since 2012.
    See our Aqua Cloud Security Platform vs. Checkmarx One report.
    See our list of best Container Security vendors and best DevSecOps vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.