Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs CucumberStudio comparison

Checkmarx and SmartBear are both solutions in the Dynamic Application Security Testing (DAST) category. Checkmarx is ranked #4 with an average rating of 8.3, while SmartBear is ranked #8 with an average rating of 7.5. Checkmarx holds a 13.0% mindshare in DAST, compared to SmartBear’s 0.5% mindshare. Additionally, 87% of Checkmarx users are willing to recommend the solution, compared to 91% of SmartBear users who would recommend it.
Checkmarx One
Read 71 Checkmarx One reviews
  • 18,550 Views
  • 557 Comparison Views
87% willing to recommend
CucumberStudio
Read 12 CucumberStudio reviews
  • 418 Views
  • 29 Comparison Views
91% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Checkmarx One and CucumberStudio based on real PeerSpot user reviews.

Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Checkmarx One vs. CucumberStudio Report (Updated: September 2025).
Buyer's Guide
Checkmarx One vs. CucumberStudio
September 2025
Download the complete report
Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Checkmarx One
Ranking in Dynamic Application Security Testing (DAST)
4th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
71
Ranking in other categories
Application Security Tools (3rd), Static Application Security Testing (SAST) (3rd), Vulnerability Management (22nd), Container Security (23rd), Static Code Analysis (3rd), API Security (6th), DevSecOps (5th), Risk-Based Vulnerability Management (10th), Application Security Posture Management (ASPM) (3rd)
CucumberStudio
Ranking in Dynamic Application Security Testing (DAST)
8th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
Rapid Application Development Software (25th)
 

Mindshare comparison

As of October 2025, in the Dynamic Application Security Testing (DAST) category, the mindshare of Checkmarx One is 13.0%, down from 18.1% compared to the previous year. The mindshare of CucumberStudio is 0.5%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST) Market Share Distribution
ProductMarket Share (%)
Checkmarx One13.0%
CucumberStudio0.5%
Other86.5%
Dynamic Application Security Testing (DAST)
 

Featured Reviews

Syed Hasan - PeerSpot reviewer
Partner experiences excellent technical support and seamless initial setup
In my opinion, if we are able to extract or show the report, and because everything is going towards agent tech and GenAI, it would be beneficial if it could get integrated with our code base and do the fix automatically. It could suggest how the code base is written and automatically populate the source code with three different solution options to choose from. This would be really helpful.
Read full review
Walter Wirch - PeerSpot reviewer
Facilitates integration of test scenarios while needing modernization of components
CucumberStudio is primarily used for designing test scenarios and automating testing. We have implemented it in conjunction with our own routines for integration into our infrastructure CucumberStudio aligns with our strategy for data-driven testing. It supports our product owners in designing…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We use the solution to validate the source code and do SAST and security analysis."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"Apart from software scanning, software composition scanning is valuable."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"Scan reviews can occur during the development lifecycle."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
More Checkmarx One pros
"CucumberStudio aligns with our strategy for data-driven testing."
"The URL is very useful, and it has a very good UI for deploying information of the scenarios created."
"CucumberStudio has a very user-friendly interface."
"The most valuable feature of CucumberStudio is its use of action words, which allows me to avoid writing test cases from scratch for the most common scenarios."
"The best thing is that a person without knowledge about the program can easily understand what happened in our testing process."
"CucumberStudio aligns with our strategy for data-driven testing."
"The solution is stable."
"The data table that helps in converting a single script to multiple test cases is very helpful."
 

Cons

"Checkmarx needs to be more scalable for large enterprise companies."
"I would like to see the rate of false positives reduced."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"Its user interface could be improved and made more friendly."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"Micro-services need to be included in the next release."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
More Checkmarx One cons
"The reporting needs to be improved."
"I think it would be better if we could also do the reporting with CucumberStudio."
"A key area for improvement is to revamp outdated components such as HipTest publisher."
"Another kind of deployment might be useful, perhaps an option to install the tool in a local deployment."
"I would like to see better customer support."
"CucumberStudio's API integration could be improved both in terms of reliability and design."
"A key area for improvement is to revamp outdated components such as HipTest publisher."
 

Pricing and Cost Advice

"We're using a commercial version of Checkmarx, and we paid for the solution for one year. The price is high and could be reduced."
"Before implementing the product I would evaluate if it is really necessary to scan so many different languages and frameworks. If not, I think there must be a cheaper solution for scanning Java-only applications (which are 90% of our applications)."
"We have purchased an annual license to use this solution. The price is reasonable."
"The pricing was not very good. This is just a framework which shouldn’t cost so much."
"The tool's pricing is fine."
"The average deal size was usually anywhere between $120K to $175K on an annual basis, which could be divided across 12 months."
"It is the right price for quality delivery."
"Checkmarx is comparatively costlier than other products, which is why some of the customers feel reluctant to go for it, though performance-wise, Checkmarx can compete with other products."
More Checkmarx One pricing and cost advice
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
See recommendations
869,566 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
13%
Manufacturing Company
10%
Government
6%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise9
Large Enterprise38
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise3
Large Enterprise4
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
See all answers
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
See all answers
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
See all answers
What needs improvement with Hiptest?
CucumberStudio's API integration could be improved both in terms of reliability and design. The API requires data to be sent in a specific format, which takes time to build. Additionally, the repor...
See all answers
What is your primary use case for Hiptest?
I use CucumberStudio as a test case repository. All of our test cases are stored there. It is also part of our test planning process. For every sprint, we plan the test cases in CucumberStudio and ...
See all answers
What advice do you have for others considering Hiptest?
For teams following a BDD style software development approach, CucumberStudio is a great collaborative tool that covers all the basic requirements of a test management tool. I would rate CucumberSt...
See all answers
 

Comparisons

SonarQube Server (formerly SonarQube) vs Checkmarx One Logo
SonarQube Server (formerly SonarQube) vs Checkmarx One
Compared 44% of the time
Veracode vs Checkmarx One Logo
Veracode vs Checkmarx One
Compared 7% of the time
Checkmarx SAST vs Checkmarx One Logo
Checkmarx SAST vs Checkmarx One
Compared 7% of the time
OpenText Core Application Security vs Checkmarx One Logo
OpenText Core Application Security vs Checkmarx One
Compared 5% of the time
GitHub Advanced Security vs Checkmarx One Logo
GitHub Advanced Security vs Checkmarx One
Compared 4% of the time
More Checkmarx One Competitors
TestRail vs CucumberStudio Logo
TestRail vs CucumberStudio
Compared 58% of the time
GitHub CoPilot vs CucumberStudio Logo
GitHub CoPilot vs CucumberStudio
Compared 42% of the time
More CucumberStudio Competitors
 

Product Reports

Buyer's Guide
Checkmarx One
October 2025
Checkmarx One reportDownload Checkmarx One product report
Buyer's Guide
Rapid Application Development Software
September 2025
CucumberStudio reportDownload CucumberStudio product report
 

Also Known As

No data available
Hiptest
 

Overview

Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

Checkmarx One offers comprehensive application scanning across the SDLC:

  • Static Application Security Testing (SAST)
  • Software Composition Analysis (SCA)
  • API security
  • Dynamic Application Security Testing (DAST)
  • Container security
  • IaC security
  • Correlation, prioritization, and risk management
  • Codebashing secure code training
  • AI security
  • Tech partnerships extending AppSec into runtime analysis
  • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

Checkmarx

Formerly HipTest: CucumberStudio is the leading collaboration platform for BDD - an easy-to-use tool to define ideas, test code, and learn in production from real-time insight.

SmartBear
 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Cisco, Cardinal Health, Intuit, Smartbox, Accenture, Deliveroo
Buyer's Guide
Checkmarx One vs. CucumberStudio
September 2025
Free Report: Checkmarx One vs. CucumberStudio
Find out what your peers are saying about Checkmarx One vs. CucumberStudio and other solutions. Updated: September 2025.
DOWNLOAD NOW
869,566 professionals have used our research since 2012.
See our Checkmarx One vs. CucumberStudio report.
See our list of best Dynamic Application Security Testing (DAST) vendors.

We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.