Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs SentinelOne Singularity Cloud Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
18th
Average Rating
9.6
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (2nd)
Checkmarx One
Ranking in Vulnerability Management
24th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
71
Ranking in other categories
Application Security Tools (3rd), Static Application Security Testing (SAST) (4th), Static Code Analysis (3rd), API Security (5th), DevSecOps (5th), Risk-Based Vulnerability Management (9th)
SentinelOne Singularity Clo...
Ranking in Vulnerability Management
5th
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
114
Ranking in other categories
Cloud and Data Center Security (3rd), Container Security (3rd), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (1st)
 

Mindshare comparison

As of July 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 0.8%, up from 0.0% compared to the previous year. The mindshare of Checkmarx One is 0.8%, up from 0.4% compared to the previous year. The mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Syed Hasan - PeerSpot reviewer
Partner experiences excellent technical support and seamless initial setup
In my opinion, if we are able to extract or show the report, and because everything is going towards agent tech and GenAI, it would be beneficial if it could get integrated with our code base and do the fix automatically. It could suggest how the code base is written and automatically populate the source code with three different solution options to choose from. This would be really helpful.
Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"We saw benefits from Zafran Security almost immediately after deploying it."
"The most valuable features of Checkmarx are its integration with multiple SCM solutions and CICD tools, its ability to scale according to user licenses, and the quick scanning process."
"Scan reviews can occur during the development lifecycle."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"The solution communicates where to fix the issue for the purpose of less iterations."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"It has all the features we need."
"For Singularity, the task capability is easy to use and it has a very intuitive dashboard, which streamlines the processes."
"We noted immediate benefits from using the solution."
"I would rate SentinelOne Singularity Cloud Security a ten out of ten."
"SentinelOne Singularity Cloud Security's most valuable feature is its unified console."
"The most valuable aspect of Singularity Cloud Security is its unified dashboard."
"The compliance monitoring feature of SentinelOne Singularity Cloud Security gives us a report with a compliance score to ensure we meet certain regulatory standards."
"SentinelOne Singularity Cloud Security released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. SentinelOne Singularity Cloud Security's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"Singularity Cloud Workload Security provides us with better security detection and more visibility. It is another resource that we can use to detect vulnerabilities in our company's systems. For example, it can help us detect new file processes that we are not familiar with, which could be used by attackers to exploit our systems. Singularity Cloud Workload Security can also help us diagnose and analyze data to determine whether it is malicious or not. Singularity Cloud Workload Security is like another pair of eyes that can help us protect our systems from cyberattacks."
 

Cons

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"I would like to see the tool’s pricing improved."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"Updating and debugging of queries is not very convenient."
"If it is a very large code base then we have a problem where we cannot scan it."
"The reports are good, but they still need to be improved considering what the UI offers."
"The Dynamic Application Security Testing (DAST) feature should be better."
"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"SentinelOne Singularity Cloud Security is an excellent CSPM tool, but its CWPP features need improvement, and there is scope for more application security posture management features."
"To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"When we get a new finding from SentinelOne Singularity Cloud Security, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the SentinelOne Singularity Cloud Security platform, so we can close the issue the same day before it appears in the daily report."
"We had a glitch in SentinelOne Singularity Cloud Security where it fed us false positives in the past."
"The area of improvement is the cost, which is high compared to other traditional endpoint protections."
 

Pricing and Cost Advice

Information not available
"I would rate the solution’s pricing an eight out of ten. The tool’s pricing is higher than others and it is for the license alone."
"It is not expensive, but sometimes, their pricing model or licensing model is not very clear. There are similar variables, such as projects or developers, and sometimes, it is a little bit confusing."
"​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
"The tool's pricing is fine."
"It's relatively expensive."
"We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."
"The average deal size was usually anywhere between $120K to $175K on an annual basis, which could be divided across 12 months."
"Most of my customers opted for a perpetual license. They prefer to pay the highest amount up front for the perpetual license and then pay for additional support annually."
"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."
"I would rate the cost a seven out of ten with ten being the most costly."
"SentinelOne is quite costly compared to other security platforms."
"The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments."
"Its pricing was a little less than other providers."
"I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
"It is not that expensive. There are some tools that are double the cost of PingSafe. It is good on the pricing side."
"The pricing tends to be high."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
864,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Financial Services Firm
20%
Computer Software Company
14%
Manufacturing Company
10%
Government
6%
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Since we stood Zafran Security up in our private cloud, we handle the maintenance on our side. As we opted not to use...
What needs improvement with Zafran Security?
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftenti...
What is your primary use case for Zafran Security?
My use cases for Zafran Security revolve around two primary areas. One is around vulnerability management and priorit...
What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as ...
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is wor...
What needs improvement with PingSafe?
There is scope for more application security posture management features. Additionally, the runtime protection needs ...
 

Also Known As

No data available
No data available
PingSafe
 

Overview

 

Sample Customers

Information Not Available
YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Information Not Available
Find out what your peers are saying about Checkmarx One vs. SentinelOne Singularity Cloud Security and other solutions. Updated: July 2025.
864,053 professionals have used our research since 2012.