Checkmarx vs. Mobile Security Framework (MobSF)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Checkmarx
Score 8.1 out of 10
N/A
Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)N/A
Mobile Security Framework (MobSF)
Score 8.0 out of 10
N/A
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for integration with CI/CD or DevSecOps pipeline. The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.N/A
Pricing
CheckmarxMobile Security Framework (MobSF)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
CheckmarxMobile Security Framework (MobSF)
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
CheckmarxMobile Security Framework (MobSF)
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Best Alternatives
CheckmarxMobile Security Framework (MobSF)
Small Businesses
GitLab
GitLab
Score 8.9 out of 10

No answers on this topic

Medium-sized Companies
GitLab
GitLab
Score 8.9 out of 10
Veracode
Veracode
Score 8.6 out of 10
Enterprises
GitLab
GitLab
Score 8.9 out of 10
Veracode
Veracode
Score 8.6 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
CheckmarxMobile Security Framework (MobSF)
Likelihood to Recommend
7.0
(3 ratings)
8.0
(1 ratings)
User Testimonials
CheckmarxMobile Security Framework (MobSF)
Likelihood to Recommend
Checkmarx
Chechmarx is really suited for finding wide range of security risks. It although identifies false positives which can be confusing at times. It can do better in terms of scan duration. They are better alternate competitors in the market who can do equally good or even better. It all depends on the scope of the problem you want to address
Read full review
Open Source
MobSF is good for checking for vulnerabilities in your app. It will also give suggestions on how to address them. Another thing is can do is find code that may be incorrect. It is not, however, a substitute for a system that actually checks your code for proper use. It really is concentrated on security.
Read full review
Pros
Checkmarx
  • Reporting
  • Language support
  • Fix recommendations
Read full review
Open Source
  • Scan for vulnerabilities
  • Scan for bad coding
  • Give suggestions on fixes for security issues
Read full review
Cons
Checkmarx
  • Lots of false positives
  • Hard to integrate with CI
Read full review
Open Source
  • The UI is not that user friendly
  • The documentation could be easier to understand
  • An easier method of deploying MobSF would be appreciated
Read full review
Alternatives Considered
Checkmarx
We actually use Checkmarx along with the other tools. However, the reason we chose Checkmarx is its wide support for languages and useful fix recommendations. The flowcharts help better understand the data flow and give a clear picture of what needs to be fixed and how. Also, developers can make a note of what should be avoided in the future. Overall, it's a great tool and would be a good investment to make.
Read full review
Open Source
In my opinion, MobSF is not as comprehensive as SonarQube. Both, however, do a very good job in scanning your code for vulnerabilities. Both do roughly the same things. The reports of SonarQube are more detailed though. The advantage that MobSF has over SonarQube is the price. One is free while the other is a paid solution (with several tiers). However, we use them together to get a more comprehensive scan.
Read full review
Return on Investment
Checkmarx
  • Improved ability to provide high level of IA confidence
  • Improved confidence in application-level security
Read full review
Open Source
  • It has allowed our apps to pass a security vetting requirement of a third party to deploy our app
  • We can see where we can improve on the development of our app
  • The deployment can take a while, especially with teams not familiar with the software
Read full review
ScreenShots