We performed a comparison between Checkmarx One and Fortify Software Security Center based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."The SAST component was absolutely 100% stable."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"We use the solution for dynamic application testing."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"Helps us check vulnerabilities in our SAP Fiori application."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"You can easily download the tool's rule packs and update them."
"This is a stable solution at the end of the day."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"They could work to improve the user interface. Right now, it really is lacking."
"If it is a very large code base then we have a problem where we cannot scan it."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
"I would like to see the DAST solution in the future."
"The pricing can get a bit expensive, depending on the company's size."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
"Fortify Software Security Center's setup is really painful."
More Fortify Software Security Center Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Fortify Software Security Center is ranked 27th in Application Security Testing (AST) with 3 reviews. Checkmarx One is rated 7.6, while Fortify Software Security Center is rated 7.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortify Software Security Center is most compared with Fortify on Demand, Tricentis Tosca and Fortify WebInspect.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.