We performed a comparison between Checkmarx One and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"The administration in Checkmarx is very good."
"Vulnerability details is valuable."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The most valuable feature is the application tracking reporting."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."
"The initial deployment is very straightforward and simple. The product is stable if configured properly."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"I would say that it is stable, as I am not aware of any major issues."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"The setup is usually straightforward."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"Checkmarx could be improved with more integration with third-party software."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"Checkmarx needs to be more scalable for large enterprise companies."
"Meta data is always needed."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"It is an expensive solution."
"The dashboard and interface are crucial and they need some improvement."
"The enterprise interface is too simple. It should be more customizable."
"It needs better integration with mobile applications."
"Support response times are slow and can be improved."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"AppSpider has some problems with the RAM needed while scanning."
"The tech support is responsive but issues remain unresolved."
"The solution is too slow. It could take a full day to scan. Competitors are much faster."
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Rapid7 AppSpider is ranked 25th in Static Application Security Testing (SAST) with 13 reviews. Checkmarx One is rated 7.6, while Rapid7 AppSpider is rated 7.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Cloudflare. See our Checkmarx One vs. Rapid7 AppSpider report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.