We performed a comparison between Checkmarx One and Fortra Tripwire IP360 based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"From my point of view, it is the best product on the market."
"Apart from software scanning, software composition scanning is valuable."
"It has all the features we need."
"Most valuable features include: ease of use, dashboard. interface and the ability to report."
"It shows in-depth code of where actual vulnerabilities are."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"We could manage our entire IP range with the solution."
"Tripwire IP360 is a very stable solution."
"Its user interface could be improved and made more friendly."
"I would like to see the rate of false positives reduced."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"Implementing a blackout time for any user or teams: Needs improvement."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"I am not very impressed by the technical support."
"We need to dedicate time and resources to keep it running."
Checkmarx One is ranked 11th in Vulnerability Management with 67 reviews while Fortra Tripwire IP360 is ranked 39th in Vulnerability Management with 6 reviews. Checkmarx One is rated 7.6, while Fortra Tripwire IP360 is rated 7.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortra Tripwire IP360 writes "The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortra Tripwire IP360 is most compared with Tenable Nessus.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.