We performed a comparison between Checkmarx One and PortSwigger Burp Suite Enterprise Edition based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The setup is fairly easy. We didn't struggle with the process at all."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The most valuable feature is the application tracking reporting."
"It has all the features we need."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"We use the solution to validate the source code and do SAST and security analysis."
"The most valuable feature is that it actually identifies the different criteria you can set to meet whatever standards you're trying to get your system accredited for."
"The tool is loaded with many features that give us ROI."
"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."
"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."
"We are in the early stage of using the solution making it difficult to fully determine the best features. However, we have noticed the CMDB and device discovery features look valuable at this time."
"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."
"The initial setup is straightforward."
"The product's initial setup phase was super easy."
"The product is easy to use."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"We can run only one project at a time."
"I would like to see the rate of false positives reduced."
"The reports are good, but they still need to be improved considering what the UI offers."
"The stability of the scans could be improved."
"The product needs to have the ability to evaluate more."
"The solution is a bit expensive."
"The implementation of the solution is quite complicated and could be easier."
"There are features or functionality missing, but PortSwigger Burp Suite Enterprise Edition does try to update frequently to alleviate the shortcomings."
"It would be better if the solution is cloud-based."
"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."
"The cost per license per user could be cheaper, specifically for individual licensing."
More PortSwigger Burp Suite Enterprise Edition Pricing and Cost Advice →
Checkmarx One is ranked 11th in Vulnerability Management with 67 reviews while PortSwigger Burp Suite Enterprise Edition is ranked 13th in Vulnerability Management with 8 reviews. Checkmarx One is rated 7.6, while PortSwigger Burp Suite Enterprise Edition is rated 8.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of PortSwigger Burp Suite Enterprise Edition writes " With a super easy initial setup phase, the tool also offers regular updates". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas PortSwigger Burp Suite Enterprise Edition is most compared with Acunetix, Tenable Nessus, Rapid7 Metasploit, Tenable Vulnerability Management and Wiz. See our Checkmarx One vs. PortSwigger Burp Suite Enterprise Edition report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.