No more typing reviews! Try our Samantha, our new voice AI agent.

Checkmarx One vs Kore.ai comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Checkmarx One
Ranking in AI Security
3rd
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
81
Ranking in other categories
Application Security Tools (2nd), Static Application Security Testing (SAST) (2nd), Vulnerability Management (15th), Container Security (14th), Static Code Analysis (2nd), API Security (4th), Dynamic Application Security Testing (DAST) (2nd), DevSecOps (2nd), Risk-Based Vulnerability Management (11th), Application Security Posture Management (ASPM) (3rd)
Kore.ai
Ranking in AI Security
7th
Average Rating
7.8
Number of Reviews
15
Ranking in other categories
AI Agent Builders (7th), AI Customer Experience Personalization (5th), AI Customer Support (2nd), AI IT Support (7th)
 

Mindshare comparison

As of July 2026, in the AI Security category, the mindshare of Checkmarx One is 1.5%, down from 3.5% compared to the previous year. The mindshare of Kore.ai is 0.5%. It is calculated based on PeerSpot user engagement data.
AI Security Mindshare Distribution
ProductMindshare (%)
Checkmarx One1.5%
Kore.ai0.5%
Other98.0%
AI Security
 

Featured Reviews

Shahzad Shahzad - PeerSpot reviewer
Senior Solution Architect | L3+ Systems & Cloud Engineer | SRE Specialist at Canada Cloud Solution
Enable secure development workflows while identifying opportunities for faster scans and improved AI guidance
Checkmarx One is a very strong platform, but there are several areas where it can improve to support modern DevSecOps workflows even better. For example, better real-time developer guidance is needed. The IDE plugin should offer richer AI-powered auto-fixes similar to SNYK Code or GitHub Copilot Security, as current guidance is good but not deeply contextual for large-scale enterprise codebases. This matters because it reduces developer friction and accelerates shift-left adoption. More transparency control over the correlation engines is another need. The correlation engine is powerful but not fully transparent. Users want to understand why vulnerabilities were correlated or de-prioritized, which helps AppSec teams trust the prioritization logic. Faster SAST scan and more language coverage is needed since SAST scan can still be slow for very large mono-repos and there is limited deep support for new language frameworks like Rust and Go, along with advanced coverage for serverless-specific frameworks. This matters because large organizations want sub-minute scans in CI/CD as cloud-native ecosystems evolve fast. A strong API security module is another area for enhancement. API security scanning could be improved with active testing, API discovery, full Swagger, OpenAPI, drift detection, and schema-based fuzzing. This is important as API attacks are one of the biggest AppSec risks in 2025. Checkmarx One is strong, but I see a few areas for improvement including faster SAST scanning for large mono-repos, deeper language framework support, more transparent correlation logic, and stronger API security that includes discovery and runtime context. The IDE plugin could offer more AI-assisted fixes, and the SBOM lifecycle tracking can evolve further. Enhancing integration with SIEM and SOAR would also make enterprise adoption smoother, and these improvements would help developers and AppSec teams move faster with more accuracy.
Judin Augustin - PeerSpot reviewer
Associate Data Scientist at Guide House
Automation has reduced large call centers and provides real-time outbound support for patients
Kore.ai is a low-code platform, and you do not necessarily have to be an expert in artificial intelligence or generative AI to use this platform. However, if you have that experience, it will be a valuable add-on. The main advantage is that it has almost every kind of plugin available to use, whether for live agents or if you want to use it as a call center. You have real-time capabilities and the most useful plugins available, with almost every kind of model available with configurations. We can configure the ML models and train them. The platform is very user-friendly with explanatory features and a great UI. One significant feature is the live testing platform with Kore.ai. When you are creating a workflow, you have an interactive, real-time testing platform that reflects every change you make. This makes it easy to debug errors or add new features. Additionally, Kore.ai has many different tools and platforms that cater to different needs, whether for a call center, normal workflow, or machine learning workflow, which is really useful. Because of Kore.ai, it was much easier than creating something manually. A low-code platform always helps, and when that platform has this much capability, it provides far more value than manual development. It was particularly helpful for our team that we could create a POC and get that project into production. Kore.ai helped our team build a generative AI outbound calling chatbot, and it truly helped our customers. If you have a hospital with a thousand employees in a call center, you might consider outsourcing. However, with Kore.ai's outbound calling capabilities, you can eliminate the outsourcing part. You do not need a thousand call center employees. You can accomplish this through automation with just one or two employees if people need to switch to agents. This represented a significant cost reduction.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"In my opinion, Checkmarx gives better results, and its protection is better than SonarQube."
"It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The UI is very intuitive and simple to use."
"The license is fairly costly but worth the investment."
"Kore.ai has positively impacted my organization by simplifying the process of responding to emails and streamlining the workflow, saving me considerable time."
"Kore.ai has positively impacted my organization because we are implementors, and I would say that approximately 80% of our income comes from developed projects with Kore.ai."
"Kore.ai has positively impacted my organization by being a big money saver because before having our chatbot, the use case was that every time some of our customers needed help, they used to call a number."
"Kore.ai offers multiple support and services, including API integration, webhook integration, and multiple channels, making it easy to design your own layout, integrate with multiple channels and webhooks, deploy quickly, and track any errors that occur, so it is a good way to start and easy to learn."
"Because of Kore.ai, it was much easier than creating something manually, and when that platform has this much capability, it provides far more value than manual development."
"Kore.ai helped us integrate a lot through documentation and trial and error, making it straightforward to integrate overall, resulting in a very good experience for first-timers."
"Kore.ai offers many valuable features, particularly its extensive array of connectors, allowing easy integration with various ERP systems and the straightforward implementation of webhooks and APIs."
"Kore.ai has positively impacted my organization, as it saved a lot of time in implementation and the proof of concept was very fast to implement and easy to develop."
 

Cons

"I would like to see the DAST solution in the future."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"Presently they support micro-services, but the supporting methodology of the micro-services is not good enough at the moment."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"The pricing can get a bit expensive, depending on the company's size."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"Customer support is where Kore.ai has significant room for improvement. Post-implementation support is a particularly discouraging aspect for me."
"I choose 7.5 out of 10 for Kore.ai because a few things already need to be improved, one of which I have mentioned."
"I rated Kore.ai eight out of ten because of the potential for these additional improvements."
"One thing I have learned is the unpredictability of LLMs and how buggy Kore.ai is as a software."
"The two points I deduct relate to the integrations, which were not as extensive as I initially expected."
"Customer support is okay, I guess. We get what we want from them whenever there is an issue or something, but sometimes when we had issues, it was delayed a lot."
"In support, the team is not the greatest, but it works."
"I would suggest incorporating pre-recorded videos in the tutorials and enhancing the documentation area to make it more user-friendly."
 

Pricing and Cost Advice

"Before implementing the product I would evaluate if it is really necessary to scan so many different languages and frameworks. If not, I think there must be a cheaper solution for scanning Java-only applications (which are 90% of our applications)."
"We're using a commercial version of Checkmarx, and we paid for the solution for one year. The price is high and could be reduced."
"The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
"It is a good product but a little overpriced."
"It's relatively expensive."
"We have a subscription license that is on a yearly basis, and it's a pretty competitive solution."
"It is an expensive solution."
"For around 250 users or committers, the cost is approximately $500,000."
Information not available
report
Use our free recommendation engine to learn which AI Security solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Manufacturing Company
9%
Computer Software Company
8%
Government
5%
Construction Company
12%
Manufacturing Company
12%
Outsourcing Company
9%
Financial Services Firm
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business32
Midsize Enterprise9
Large Enterprise46
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise3
Large Enterprise14
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
What is the biggest difference between Veracode and Checkmarx?
According to my experience of using both the tools in different organizations Veracode is a Cloud-native, managed AppSec platform with strong focus on ease of use, it is SaaS delivery, and provide...
What is your experience regarding pricing and costs for Checkmarx?
Checkmarx One is a premium solution, so budget accordingly. Make sure you understand how licensing scales with additional applications and users. I advise negotiating multi-year contracts or bundle...
What is your experience regarding pricing and costs for Kore.ai?
The experience with pricing, setup cost, and licensing of Kore.ai is that the price is low, and the licensing is also not costly.
What needs improvement with Kore.ai?
I do not have much to add regarding how Kore.ai can be improved since it has been a long time since we last used it. There are other platforms that offer more features, but those come at a higher p...
What is your primary use case for Kore.ai?
In my past organization, I used Kore.ai for one of the projects over a period of approximately six to eight months. Our main use case for Kore.ai involved building a Gen AI plus conversational AI p...
 

Comparisons

 

Overview

 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Leading banks & Enterprise Companies
Find out what your peers are saying about Checkmarx One vs. Kore.ai and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.