Checkmarx vs. Fortify by OpenText

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Checkmarx
Score 8.2 out of 10
N/A
Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)N/A
Fortify by OpenText
Score 9.4 out of 10
N/A
An AppSec solution formerly from Micro Focus, spanning SCA, SAST and DAST that supports the breadth and management of any application portfolio, used to secure code. Features API discovery and testing for any application, throughout the software lifecycle.N/A
Pricing
CheckmarxFortify by OpenText
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
CheckmarxFortify by OpenText
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
CheckmarxFortify by OpenText
Considered Both Products
Checkmarx

No answer on this topic

Fortify by OpenText
Chose Fortify by OpenText
Micro Focus Fortify WebInspect is better when it comes to speed, integration and detection capabilities as compared to Insight Appsec. What I loved the most is the broad coverage of vulnerabilities it identified as against Insight Appsec. Apart from detection capabilities the …
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Best Alternatives
CheckmarxFortify by OpenText
Small Businesses
GitLab
GitLab
Score 8.9 out of 10
GitLab
GitLab
Score 8.9 out of 10
Medium-sized Companies
GitLab
GitLab
Score 8.9 out of 10
GitLab
GitLab
Score 8.9 out of 10
Enterprises
GitLab
GitLab
Score 8.9 out of 10
GitLab
GitLab
Score 8.9 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
CheckmarxFortify by OpenText
Likelihood to Recommend
7.0
(3 ratings)
9.8
(5 ratings)
Likelihood to Renew
-
(0 ratings)
10.0
(1 ratings)
Support Rating
-
(0 ratings)
10.0
(1 ratings)
User Testimonials
CheckmarxFortify by OpenText
Likelihood to Recommend
Checkmarx
Chechmarx is really suited for finding wide range of security risks. It although identifies false positives which can be confusing at times. It can do better in terms of scan duration. They are better alternate competitors in the market who can do equally good or even better. It all depends on the scope of the problem you want to address
Read full review
OpenText
SDLC deployment is simple. simple to use The coverage is thorough and complete as a DAST product.
Read full review
Pros
Checkmarx
  • Reporting
  • Language support
  • Fix recommendations
Read full review
OpenText
  • Detection of vulnerabilities
  • Scanning pipelines
  • Integration is super easy
  • Scanned cloud based applications
Read full review
Cons
Checkmarx
  • Lots of false positives
  • Hard to integrate with CI
Read full review
OpenText
  • Reporting could be better
  • Can be an involved setup if your organization is not using common build tools
  • Users get spammed with a lot of email updates from the service
Read full review
Likelihood to Renew
Checkmarx
No answers on this topic
OpenText
Since every firm needs to perform static code analysis on their applications, I believe Micro Focus Fortify WebInspect would work well for them (they also offer dynamic scanning, although I haven't used it myself). Different static analysis tools scan code in different ways, and Micro Focus Fortify WebInspect asks you to submit a complete build of the application along with debugging files. Depending on how your company builds its apps, this requirement may be simple or challenging.
Read full review
Support Rating
Checkmarx
No answers on this topic
OpenText
Always receive excellent support from the vendor. No issues there.
Read full review
Alternatives Considered
Checkmarx
We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, developers can make a note of what should be avoided in the future. Overall, it's a great tool and would be a good investment to make.
Read full review
OpenText
Fortify Application Defender is a little more timely and upfront with a lot of their information on cyber security. we like what they provide and how they communicate with our users. I think they have a good understanding and practice in their field. they seem best suited for us and the best fit.
Read full review
Return on Investment
Checkmarx
  • Improved ability to provide high level of IA confidence
  • Improved confidence in application-level security
Read full review
OpenText
  • DevSecOps helped in reducing efforts
  • License cost was less
  • We could roll out double the count of applications with implementation of WebInspect
Read full review
ScreenShots