• Home
  • Checkmarx One vs. Fortra Tripwire IP360

Checkmarx One vs Fortra Tripwire IP360 comparison

Cancel
You must select at least 2 products to compare!
Checkmarx Logo

Checkmarx One

Read 67 Checkmarx One reviews
387 views|265 comparisons
86% willing to recommend
Fortra Logo

Fortra Tripwire IP360

Read 6 Fortra Tripwire IP360 reviews
433 views|322 comparisons
60% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Vulnerability Management
April 2024
Executive Summary

We performed a comparison between Checkmarx One and Fortra Tripwire IP360 based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management.
To learn more, read our detailed Vulnerability Management Report (Updated: April 2024).
Download the complete report
769,236 professionals have used our research since 2012.
Featured Review
Anonymous User
No need to compile the code to execute static code analysis, but should be more container-friendly and optimized for...
I use both the static code analysis and the open-source analysis engine. It gives visibility into weaknesses and the software that may be there in... Read more →
Corey Cole
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes.""The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools.""What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results.""From my point of view, it is the best product on the market.""Apart from software scanning, software composition scanning is valuable.""It has all the features we need.""Most valuable features include: ease of use, dashboard. interface and the ability to report.""It shows in-depth code of where actual vulnerabilities are."

More Checkmarx One Pros →

"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed.""We could manage our entire IP range with the solution.""Tripwire IP360 is a very stable solution."

More Fortra Tripwire IP360 Pros →

Cons
"Its user interface could be improved and made more friendly.""I would like to see the rate of false positives reduced.""The plugins for the development environment have room for improvements such as for Android Studio and X code.""The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode.""Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not.""Implementing a blackout time for any user or teams: Needs improvement.""The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information.""This product requires you to create your own rulesets. You have to do a lot of customization."

More Checkmarx One Cons →

"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side.""I am not very impressed by the technical support.""We need to dedicate time and resources to keep it running."

More Fortra Tripwire IP360 Cons →

Pricing and Cost Advice
  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."

    • More Checkmarx One Pricing and Cost Advice →

  • "I believe the price compares well within the market."
  • "The product was expensive for us."

    • More Fortra Tripwire IP360 Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    769,236 professionals have used our research since 2012.
    Questions from the Community
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Read all 4 answers   →
    What do you like most about Checkmarx?
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Checkmarx?
    Top Answer:The solution's price is high and you pay based on the number of users.
    Read all 25 answers   →
    What do you like most about Tripwire IP360?
    Top Answer:We could manage our entire IP range with the solution.
    Read all 3 answers   →
    What is your experience regarding pricing and costs for Tripwire IP360?
    Top Answer:The product was expensive for us. It was not cost-effective for how we used it to do the job. We didn't think it was worth the money.
    Read all 3 answers   →
    What needs improvement with Tripwire IP360?
    Top Answer:It's an enterprise-level tool. If we’re not putting it in everything, it's very expensive to maintain in terms of people and time. We need to dedicate time and resources to keep it running. It was… more »
    Read all 4 answers   →
    Ranking
    11th
    out of 112 in Vulnerability Management
    Views
    387
    Comparisons
    265
    Reviews
    21
    Average Words per Review
    513
    Rating
    7.7
    39th
    out of 112 in Vulnerability Management
    Views
    433
    Comparisons
    322
    Reviews
    1
    Average Words per Review
    592
    Rating
    6.0
    Comparisons
    Also Known As
    IP360
    Learn More
    Checkmarx
    Fortra
    Overview

    Checkmarx is a highly accurate and flexible static code analysis product that allows organizations to automatically scan uncompiled code and identify hundreds of security vulnerabilities in all major coding languages and software frameworks. Checkmarx is available as a standalone product and can be effectively integrated into the software development lifecycle (SDLC) to streamline vulnerability detection and remediation. Checkmarx is trusted by leading organizations such as SAP, Samsung, and Salesforce.com.

    Checkmarx is a global leader in software security solutions for modern software development. Checkmarx delivers a comprehensive software security platform that unites with DevOps by scanning uncompiled source code for security vulnerabilities early in the development life cycle to reduce and remediate risk from software vulnerabilities. Using Checkmarx, teams avoid software security vulnerabilities managed via a single and unified dashboard without slowing down their delivery schedule.

    Checkmarx balances the needs of the entire organization, delivering seamless security from the start and throughout the entire software development life cycle. Checkmarx can be deployed on-premises in a private data center or hosted via a public cloud.

    Checkmarx Features

    Some of Checkmarx’s features include:

    • Source code scanning: Detect and repair more vulnerabilities before you release your code.

    • Open-source scanning: Find and eliminate the risks in your open-source code.

    • Interactive code scanning: Scan for vulnerabilities and runtime threats.

    • Open-source security for infrastructure as code: Identify and fix insecure IaC configurations that put your application at risk.

    Reviews from Real Users

    Checkmarx stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to secure their code with a single management dashboard and its high-speed scanning abilities.

    PeerSpot users note the effectiveness of these features. A CEO at a tech services company writes, “The most valuable features are the easy-to-understand interface, and it’s very user-friendly. We spend some time tuning to start scanning a new project, which is only a few clicks. A few simple tunes for custom rules and we can start our scan. We can do the work quickly and we don't need to compile the source code because Checkmarx does the work without compiling the project. The scanning is very quick. It's about 20,000 lines per hour, which is a good speed for scanning.”

    A director at a tech services company notes, “The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important.”

    A senior manager at a manufacturing company writes, “The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."

    Tripwire IP360 is a powerful vulnerability management solution that identifies and prioritizes network vulnerabilities for remediation. It is highly effective in scanning devices and applications, improving security posture, ensuring compliance, and managing risks. 

    Users value its detailed reporting, user-friendly interface, and seamless integration with other security tools for efficient security management.

    Sample Customers
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
    Top Industries
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Manufacturing Company9%
    Comms Service Provider9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Insurance Company5%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm18%
    Government9%
    Energy/Utilities Company8%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise72%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise11%
    Large Enterprise73%
    Buyer's Guide
    Vulnerability Management
    April 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management. Updated: April 2024.
    DOWNLOAD NOW
    769,236 professionals have used our research since 2012.

    Checkmarx One is ranked 11th in Vulnerability Management with 67 reviews while Fortra Tripwire IP360 is ranked 39th in Vulnerability Management with 6 reviews. Checkmarx One is rated 7.6, while Fortra Tripwire IP360 is rated 7.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortra Tripwire IP360 writes "The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortra Tripwire IP360 is most compared with Tenable Nessus.

    See our list of best Vulnerability Management vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.