# Burp Suite, Checkmarx vs GitLab Comparison | | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Star Rating** | 4.8 out of 5 | 4.2 out of 5 | 4.5 out of 5 | | **Total Reviews** | 129 | 36 | 890 | | **Largest Market Segment** | Mid-Market (40.0% of reviews) | Enterprise (53.1% of reviews) | Small-Business (37.0% of reviews) | | **Entry Level Price** | $475.00 1 User Per Year | No pricing available | No pricing available | --- ## Top Pros & Cons ### Burp Suite Pros: - Ease of Use (12 reviews) - User Interface (8 reviews) Cons: - Expensive (5 reviews) - Slow Performance (5 reviews) ### Checkmarx Pros: - Implementation Ease (2 reviews) - User Interface (2 reviews) Cons: - False Positives (1 reviews) - Lacking Features (1 reviews) ### GitLab Pros: - Ease of Use (43 reviews) - Features (42 reviews) Cons: - Complexity (21 reviews) - Difficult Learning (19 reviews) --- ## Ratings Comparison | Rating | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Meets Requirements** | 9.4 (105 reviews) | 8.6 (27 reviews) | 9.1 (677 reviews) | | **Ease of Use** | 8.8 (108 reviews) | 8.2 (27 reviews) | 8.7 (680 reviews) | | **Ease of Setup** | 9.3 (43 reviews) | 7.7 (13 reviews) | 8.7 (239 reviews) | | **Ease of Admin** | 9.2 (28 reviews) | 7.9 (13 reviews) | 8.6 (173 reviews) | | **Quality of Support** | 8.7 (94 reviews) | 8.3 (22 reviews) | 8.5 (539 reviews) | | **Has the product been a good partner in doing business?** | 9.7 (26 reviews) | 8.3 (12 reviews) | 8.8 (148 reviews) | | **Product Direction (% positive)** | 9.3 (104 reviews) | 7.5 (23 reviews) | 8.8 (642 reviews) | --- ## Pricing ### Burp Suite #### Entry-Level Pricing Plan: Burp Suite Professional Price: $475.00 1 User Per Year Description: Test, find and exploit vulnerabilities faster with the complete manual testing toolkit. Best for pentesters and hands-on security professionals. Key Features: - Map your entire attack surface, including hidden and dynamic content. - Intercept, inspect, and modify HTTP/S traffic in real time with Proxy. - Test protected areas and APIs including OpenAPI, GraphQL, and SOAP. [Browse all 2 editions](https://www.g2.com/products/burp-suite/pricing) #### Free Trial No ### Checkmarx #### Entry-Level Pricing No pricing available #### Free Trial Yes ### GitLab #### Entry-Level Pricing No pricing available #### Free Trial Yes --- ## Features Comparison By Category ### Application Release Orchestration | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.7/10 | 147 | #### Administration | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Configuration Management** | Not enough data | Not enough data | 8.7 (125 reviews) | | **Access Control** | Not enough data | Not enough data | 8.9 (131 reviews) | | **Dashboards** | Not enough data | Not enough data | 8.6 (125 reviews) | #### Functionality | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Deployment Automation** | Not enough data | Not enough data | 9.0 (132 reviews) | | **Process Analytics** | Not enough data | Not enough data | 8.5 (115 reviews) | | **Plugins** | Not enough data | Not enough data | 8.5 (109 reviews) | | **APIs / Integrations** | Not enough data | Not enough data | 8.7 (114 reviews) | | **Feature Flags** | Not enough data | Not enough data | 8.6 (103 reviews) | #### Processes | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Pipelines** | Not enough data | Not enough data | 9.1 (135 reviews) | | **Orchestration** | Not enough data | Not enough data | 9.0 (122 reviews) | | **Workflow Visualization** | Not enough data | Not enough data | 8.7 (122 reviews) | ### Penetration Testing | Product | Score | Reviews | |---|---|---| | **Burp Suite** | 9.3/10 | 23 | | **Checkmarx** | N/A | N/A | | **GitLab** | N/A | N/A | #### Administration | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **API / Integrations** | 8.7 (18 reviews) | Not enough data | Not enough data | | **Extensibility** | 8.9 (19 reviews) | Not enough data | Not enough data | | **Reporting and Analytics** | 9.0 (19 reviews) | Not enough data | Not enough data | #### Analysis | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Issue Tracking** | 8.3 (15 reviews) | Not enough data | Not enough data | | **Reconnaissance** | 9.3 (23 reviews) | Not enough data | Not enough data | | **Vulnerability Scan** | 8.9 (23 reviews) | Not enough data | Not enough data | #### Testing | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Command-Line Tools** | 7.1 (14 reviews) | Not enough data | Not enough data | | **Manual Testing** | 9.4 (22 reviews) | Not enough data | Not enough data | | **Test Automation** | 8.1 (20 reviews) | Not enough data | Not enough data | | **Performance and Reliability** | 8.8 (22 reviews) | Not enough data | Not enough data | ### Static Application Security Testing (SAST) | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | 7.8/10 | 6 | | **GitLab** | 8.9/10 | 35 | #### Administration | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **API / Integrations** | Not enough data | 8.3 (5 reviews) | 9.3 (32 reviews) | | **Extensibility** | Not enough data | 8.3 (5 reviews) | 9.0 (29 reviews) | #### Analysis | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Reporting and Analytics** | Not enough data | 8.6 (6 reviews) | 8.7 (27 reviews) | | **Issue Tracking** | Not enough data | 8.1 (6 reviews) | 9.0 (29 reviews) | | **Static Code Analysis** | Not enough data | 8.3 (6 reviews) | 9.2 (28 reviews) | | **Code Analysis** | Not enough data | 8.7 (5 reviews) | 8.9 (27 reviews) | #### Testing | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Command-Line Tools** | Not enough data | 7.7 (5 reviews) | 8.8 (30 reviews) | | **Manual Testing** | Not enough data | 7.3 (5 reviews) | 8.7 (26 reviews) | | **Test Automation** | Not enough data | Not enough data | 9.2 (28 reviews) | | **Compliance Testing** | Not enough data | Not enough data | 8.8 (26 reviews) | | **Black-Box Scanning** | Not enough data | Not enough data | 8.8 (24 reviews) | | **Detection Rate** | Not enough data | Not enough data | 8.5 (25 reviews) | | **False Positives** | Not enough data | 5.3 (5 reviews) | 8.8 (24 reviews) | #### Agentic AI - Static Application Security Testing (SAST) | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | ### Dynamic Application Security Testing (DAST) | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 9.0/10 | 27 | #### Administration | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **API / Integrations** | Not enough data | Not enough data | 9.2 (25 reviews) | | **Extensibility** | Not enough data | Not enough data | 8.9 (24 reviews) | #### Analysis | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Reporting and Analytics** | Not enough data | Not enough data | 8.5 (24 reviews) | | **Issue Tracking** | Not enough data | Not enough data | 9.2 (24 reviews) | | **Static Code Analysis** | Feature Not Available | Not enough data | 8.8 (24 reviews) | | **Vulnerability Scan** | Not enough data | Not enough data | 8.9 (24 reviews) | | **Code Analysis** | Feature Not Available | Not enough data | 9.0 (24 reviews) | #### Testing | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Manual Testing** | Feature Not Available | Not enough data | 8.6 (23 reviews) | | **Test Automation** | Not enough data | Not enough data | 9.1 (23 reviews) | | **Compliance Testing** | Not enough data | Not enough data | 8.9 (22 reviews) | | **Black-Box Scanning** | Not enough data | Not enough data | 9.0 (21 reviews) | | **Detection Rate** | Not enough data | Not enough data | 9.0 (20 reviews) | | **False Positives** | Not enough data | Not enough data | 9.1 (21 reviews) | ### Cloud Infrastructure Automation | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.8/10 | 91 | #### Administration | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Administration Console** | Not enough data | Not enough data | 8.7 (77 reviews) | | **Task Management** | Not enough data | Not enough data | 8.7 (78 reviews) | | **Dashboards and Visualizations** | Not enough data | Not enough data | 8.7 (75 reviews) | | **Access Control** | Not enough data | Not enough data | 8.8 (81 reviews) | #### Automation | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Test Automation** | Not enough data | Not enough data | 8.9 (79 reviews) | | **Intelligent Automation** | Not enough data | Not enough data | 8.4 (72 reviews) | | **Release Automation** | Not enough data | Not enough data | 9.0 (79 reviews) | | **Automated Provisioning** | Not enough data | Not enough data | 8.7 (73 reviews) | #### IT Management | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Workflow Management** | Not enough data | Not enough data | 8.7 (74 reviews) | | **Infrastructure Management** | Not enough data | Not enough data | 8.9 (74 reviews) | | **IT Discovery** | Not enough data | Not enough data | 8.6 (71 reviews) | ### Vulnerability Scanner | Product | Score | Reviews | |---|---|---| | **Burp Suite** | 8.1/10 | 78 | | **Checkmarx** | N/A | N/A | | **GitLab** | N/A | N/A | #### Performance | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Issue Tracking** | 8.9 (65 reviews) ✓ Verified | Not enough data | Not enough data | | **Detection Rate** | 8.6 (69 reviews) ✓ Verified | Not enough data | Not enough data | | **False Positives** | 7.1 (69 reviews) ✓ Verified | Not enough data | Not enough data | | **Automated Scans** | 8.6 (69 reviews) | Not enough data | Not enough data | #### Network | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Compliance Testing** | 7.9 (57 reviews) ✓ Verified | Not enough data | Not enough data | | **Perimeter Scanning** | Feature Not Available | Not enough data | Not enough data | | **Configuration Monitoring** | Feature Not Available | Not enough data | Not enough data | #### Application | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Manual Application Testing** | 9.3 (73 reviews) ✓ Verified | Not enough data | Not enough data | | **Static Code Analysis** | 7.6 (60 reviews) | Not enough data | Not enough data | | **Black Box Testing** | 9.0 (68 reviews) ✓ Verified | Not enough data | Not enough data | #### Agentic AI - Vulnerability Scanner | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Autonomous Task Execution** | 6.3 (5 reviews) | Not enough data | Not enough data | | **Proactive Assistance** | Feature Not Available | Not enough data | Not enough data | ### Continuous Delivery | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.3/10 | 247 | #### Functionality | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Deployment-Ready Staging** | Not enough data | Not enough data | 8.8 (218 reviews) | | **Integration** | Not enough data | Not enough data | 9.0 (222 reviews) | | **Extensible** | Not enough data | Not enough data | 8.7 (204 reviews) | #### Management | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Processes and Workflow** | Not enough data | Not enough data | 8.8 (206 reviews) | | **Reporting** | Not enough data | Not enough data | 8.3 (194 reviews) | | **Automation** | Not enough data | Not enough data | 8.9 (215 reviews) | #### Agentic AI - Continuous Delivery | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | 8.0 (9 reviews) | | **Cross-system Integration** | Not enough data | Not enough data | 8.3 (11 reviews) | | **Adaptive Learning** | Not enough data | Not enough data | 7.5 (10 reviews) | | **Natural Language Interaction** | Not enough data | Not enough data | 7.5 (10 reviews) | | **Proactive Assistance** | Not enough data | Not enough data | 7.2 (9 reviews) | ### Bug Tracking | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.5/10 | 169 | #### Bug Reporting | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **User Reports & Feedback** | Not enough data | Not enough data | 8.6 (139 reviews) | | **Tester Reports & Feedback** | Not enough data | Not enough data | 8.5 (134 reviews) | | **Team Reports & Comments** | Not enough data | Not enough data | 8.6 (142 reviews) | #### Bug Monitoring | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Analytics** | Not enough data | Not enough data | 8.5 (139 reviews) | | **Bug History** | Not enough data | Not enough data | 8.8 (147 reviews) | | **Data Retention** | Not enough data | Not enough data | 8.8 (136 reviews) | #### Agentic AI - Bug Tracking | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Adaptive Learning** | Not enough data | Not enough data | 8.3 (9 reviews) | | **Natural Language Interaction** | Not enough data | Not enough data | 8.1 (9 reviews) | | **Proactive Assistance** | Not enough data | Not enough data | 8.3 (8 reviews) | ### Software Composition Analysis | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.9/10 | 78 | #### Functionality - Software Composition Analysis | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Language Support** | Not enough data | Not enough data | 8.7 (66 reviews) | | **Integration** | Not enough data | Not enough data | 8.8 (72 reviews) | | **Transparency** | Not enough data | Not enough data | 8.7 (67 reviews) | #### Effectiveness - Software Composition Analysis | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Remediation Suggestions** | Not enough data | Not enough data | 8.8 (64 reviews) | | **Continuous Monitoring** | Not enough data | Not enough data | 9.0 (64 reviews) | | **Thorough Detection** | Not enough data | Not enough data | 9.0 (62 reviews) | ### DevOps Platforms | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.8/10 | 180 | #### Management | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Configuration Management** | Not enough data | Not enough data | 8.8 (150 reviews) | | **Access Control** | Not enough data | Not enough data | 8.8 (152 reviews) | | **Orchestration** | Not enough data | Not enough data | 8.5 (139 reviews) | #### Functionality | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Automation** | Not enough data | Not enough data | 8.8 (157 reviews) | | **Integrations** | Not enough data | Not enough data | 8.8 (155 reviews) | | **Extensibility** | Not enough data | Not enough data | 8.6 (141 reviews) | #### Processes | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Pipeline Control** | Not enough data | Not enough data | 9.0 (160 reviews) | | **Workflow Visualization** | Not enough data | Not enough data | 8.5 (144 reviews) | | **Continuous Deployment** | Not enough data | Not enough data | 9.0 (161 reviews) | ### Continuous Integration | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.1/10 | 247 | #### Functionality | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Integrations** | Not enough data | Not enough data | 8.9 (228 reviews) ✓ Verified | | **Extensibility** | Not enough data | Not enough data | 8.6 (210 reviews) ✓ Verified | | **Test Customization** | Not enough data | Not enough data | 8.4 (204 reviews) ✓ Verified | #### Management | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Automation** | Not enough data | Not enough data | 8.9 (217 reviews) ✓ Verified | | **Processes and Workflow** | Not enough data | Not enough data | 8.7 (215 reviews) ✓ Verified | | **Reporting** | Not enough data | Not enough data | 8.4 (199 reviews) ✓ Verified | #### Agentic AI - Continuous Integration | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | 7.3 (11 reviews) | | **Cross-system Integration** | Not enough data | Not enough data | 7.8 (13 reviews) | | **Adaptive Learning** | Not enough data | Not enough data | 7.4 (11 reviews) | | **Natural Language Interaction** | Not enough data | Not enough data | 7.1 (11 reviews) | | **Proactive Assistance** | Not enough data | Not enough data | 7.6 (11 reviews) | ### Secure Code Review | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.5/10 | 133 | #### Documentation | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Feedback** | Not enough data | Not enough data | 8.8 (117 reviews) | | **Prioritization** | Not enough data | Not enough data | 8.6 (112 reviews) | | **Remediation Suggestions** | Not enough data | Not enough data | 8.4 (112 reviews) | #### Security | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **False Positives** | Not enough data | Not enough data | 8.0 (101 reviews) | | **Custom Compliance** | Not enough data | Not enough data | 8.4 (101 reviews) | | **Agility** | Not enough data | Not enough data | 9.0 (110 reviews) | ### AI Code Generation | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | N/A | N/A | #### Functionality | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Accuracy** | Not enough data | Not enough data | Not enough data | | **Input processing** | Not enough data | Not enough data | Not enough data | | **Interface** | Not enough data | Not enough data | Not enough data | | **Code quality** | Not enough data | Not enough data | Not enough data | #### Support | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Community** | Not enough data | Not enough data | Not enough data | | **Update schedule** | Not enough data | Not enough data | Not enough data | | **Documentation** | Not enough data | Not enough data | Not enough data | #### Agentic AI - AI Code Generation | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Cross-system Integration** | Not enough data | Not enough data | Not enough data | | **Adaptive Learning** | Not enough data | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | Not enough data | | **Decision Making** | Not enough data | Not enough data | Not enough data | ### Static Code Analysis | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | N/A | N/A | #### Agentic AI - Static Code Analysis | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Adaptive Learning** | Not enough data | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | Not enough data | ### AI AppSec Assistants | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | N/A | N/A | #### Performance - AI AppSec Assistants | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Remediation** | Not enough data | Not enough data | Not enough data | | **Real-time Vulnerability Detection** | Not enough data | Not enough data | Not enough data | | **Accuracy** | Not enough data | Not enough data | Not enough data | #### Integration - AI AppSec Assistants | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Stack Integration** | Not enough data | Not enough data | Not enough data | | **Workflow Integration** | Not enough data | Not enough data | Not enough data | | **Codebase Contextual Awareness** | Not enough data | Not enough data | Not enough data | ### Value Stream Management | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | 8.8/10 | 49 | #### Value Analysis | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Metric Relevance** | Not enough data | Not enough data | 8.9 (40 reviews) | | **Insight** | Not enough data | Not enough data | 8.7 (41 reviews) | | **Impact Predictions** | Not enough data | Not enough data | 8.6 (36 reviews) | | **Report Generation** | Not enough data | Not enough data | 8.9 (38 reviews) | #### Value Management | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Planning Tools** | Not enough data | Not enough data | 9.0 (39 reviews) | | **Communication Tools** | Not enough data | Not enough data | 8.7 (42 reviews) | | **Control** | Not enough data | Not enough data | 8.9 (40 reviews) | ### Interactive Application Security Testing (IAST) | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Checkmarx** | N/A | N/A | | **GitLab** | N/A | N/A | #### Agentic AI - Interactive Application Security Testing (IAST) | Feature | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | --- ## Categories **Shared Categories (1):** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast) **Unique to Burp Suite (2):** [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner), [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools) **Unique to Checkmarx (5):** [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast) **Unique to GitLab (13):** [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [DevOps Platforms](https://www.g2.com/categories/devops-platforms), [Value Stream Management Software](https://www.g2.com/categories/value-stream-management), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Cloud Infrastructure Automation Software](https://www.g2.com/categories/cloud-infrastructure-automation), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Application Release Orchestration (ARO) Tools](https://www.g2.com/categories/application-release-orchestration), [Version Control Hosting Software](https://www.g2.com/categories/version-control-hosting), [Peer Code Review Software](https://www.g2.com/categories/peer-code-review), [Continuous Delivery Tools](https://www.g2.com/categories/continuous-delivery-tools), [Bug Tracking Software](https://www.g2.com/categories/bug-tracking), [Continuous Integration Tools](https://www.g2.com/categories/continuous-integration), [AI Code Generation Software](https://www.g2.com/categories/ai-code-generation) --- ## Reviewer Demographics ### By Company Size | Segment | Burp Suite | Checkmarx | GitLab | |---|---|---|---| | **Small-Business** | 31.2% | 18.8% | 37.0% | | **Mid-Market** | 40.0% | 28.1% | 36.6% | | **Enterprise** | 28.8% | 53.1% | 26.4% | ### By Industry #### Burp Suite - **Information Technology and Services:** 28.8% - **Computer & Network Security:** 27.2% - **Computer Software:** 15.2% - **Financial Services:** 4.8% - **Retail:** 3.2% - **Electrical/Electronic Manufacturing:** 2.4% - **Education Management:** 2.4% - **Telecommunications:** 1.6% - **Medical Practice:** 1.6% - **Management Consulting:** 1.6% - **Other:** 11.2% #### Checkmarx - **Computer Software:** 15.6% - **Information Technology and Services:** 15.6% - **Banking:** 9.4% - **Computer & Network Security:** 9.4% - **Automotive:** 6.3% - **Investment Banking:** 3.1% - **Internet:** 3.1% - **International Trade and Development:** 3.1% - **Insurance:** 3.1% - **Legal Services:** 3.1% - **Other:** 28.1% #### GitLab - **Computer Software:** 33.4% - **Information Technology and Services:** 24.4% - **Internet:** 3.9% - **Financial Services:** 3.5% - **Telecommunications:** 2.4% - **Computer & Network Security:** 2.2% - **Marketing and Advertising:** 2.0% - **Retail:** 1.8% - **Banking:** 1.7% - **Program Development:** 1.6% - **Other:** 23.1% --- ## Alternatives ### Alternatives to Burp Suite - [Intruder](https://www.g2.com/products/intruder/reviews) — 4.8/5 stars (206 reviews) - [Acunetix by Invicti](https://www.g2.com/products/acunetix-by-invicti/reviews) — 4.1/5 stars (105 reviews) - [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) — 4.6/5 stars (69 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (301 reviews) - [Detectify](https://www.g2.com/products/detectify/reviews) — 4.5/5 stars (51 reviews) - [Pentest-Tools.com](https://www.g2.com/products/pentest-tools-com/reviews) — 4.8/5 stars (100 reviews) - [Tenable Vulnerability Management](https://www.g2.com/products/tenable-vulnerability-management/reviews) — 4.5/5 stars (122 reviews) - [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews) - [Metasploit](https://www.g2.com/products/metasploit/reviews) — 4.6/5 stars (55 reviews) ### Alternatives to Checkmarx - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews) - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2347 reviews) - [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews) - [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews) - [OpenText Core Application Security](https://www.g2.com/products/opentext-core-application-security/reviews) — 4.1/5 stars (34 reviews) - [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) — 4.6/5 stars (69 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (301 reviews) ### Alternatives to GitLab - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2347 reviews) - [CloudBees](https://www.g2.com/products/cloudbees/reviews) — 4.4/5 stars (622 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) - [Harness Platform](https://www.g2.com/products/harness-platform/reviews) — 4.6/5 stars (281 reviews) - [Jenkins](https://www.g2.com/products/jenkins/reviews) — 4.4/5 stars (561 reviews) - [CircleCI](https://www.g2.com/products/circleci/reviews) — 4.4/5 stars (509 reviews) - [Azure Pipelines](https://www.g2.com/products/azure-pipelines/reviews) — 4.3/5 stars (373 reviews) - [Copado DevOps](https://www.g2.com/products/copado-devops/reviews) — 4.4/5 stars (329 reviews) - [Azure DevOps Server](https://www.g2.com/products/azure-devops-server/reviews) — 4.2/5 stars (198 reviews) - [Bitbucket](https://www.g2.com/products/bitbucket/reviews) — 4.4/5 stars (1004 reviews) --- ## Top Discussions ### Burp Suite - Title: [Is BurpSuite free?](https://www.g2.com/discussions/is-burpsuite-free) — 2 comments > **Top comment:** "You can have Burpsuite for free as the community edition however there will be certain features which cannot be used in the community edition. To get full..." - Title: [How do i intercept network that i am connected to?](https://www.g2.com/discussions/12021-how-do-i-intercept-network-that-i-am-connected-to) — 2 comments, 1 upvote > **Top comment:** "Check wether the network ip is accessable with the browser. If yes then you can use the same steps as you are using to intersept web applications." - Title: [What is Burp Suite Professional?](https://www.g2.com/discussions/what-is-burp-suite-professional) — 1 comment > **Top comment:** "Burp Suite professional is a security testing tool. Security testing professional or penetration testing professional use this tool for find security..." - Title: [What is BurpSuite used for?](https://www.g2.com/discussions/what-is-burpsuite-used-for) — 1 comment > **Top comment:** "To identify vulnerability" - Title: [You're go to extenion in Burp?](https://www.g2.com/discussions/you-re-go-to-extenion-in-burp) — 1 comment, 1 upvote > **Top comment:** "Intruder, XSSValidator, Sequencer, Encoder, Decoder" ### Checkmarx - Title: [What is Checkmarx used for?](https://www.g2.com/discussions/what-is-checkmarx-used-for) — 2 comments > **Top comment:** "Checkmarx is a static code analysis tool used for SAST (Static application security testing)" - Title: [What is Checkmarx used for?](https://www.g2.com/discussions/checkmarx-what-is-checkmarx-used-for) — 1 comment, 1 upvote > **Top comment:** "Checkmarx is an ultimate tool for Static code scan and analysis through code vulnerability testing, SCA and secret detections. They have a prebuilt engine to..." - Title: [Which testing method does Checkmarx support?](https://www.g2.com/discussions/which-testing-method-does-checkmarx-support) — 1 comment > **Top comment:** "Checkmarx does support all these testing methodologies -Sast, Dast, IAST, SCA " - Title: [Does Checkmarx support DAST?](https://www.g2.com/discussions/does-checkmarx-support-dast) — 1 comment > **Top comment:** "You cannot test DAST Testing using Checkmarx" ### GitLab - Title: [Is GitLab paid?](https://www.g2.com/discussions/is-gitlab-paid) — 5 comments, 2 upvotes > **Top comment:** "Yes, Gitlab is paid as it provides the flexibility to use all the features of the GitHub and Git as well as the freedom to use your own DataBase so that you..." - Title: [Is GitLab free software?](https://www.g2.com/discussions/is-gitlab-free-software) — 4 comments, 1 upvote > **Top comment:** "Yes most of the functinalities are" - Title: [What is GitLab used for?](https://www.g2.com/discussions/what-is-gitlab-used-for) — 2 comments > **Top comment:** "It is an alternative to GitHub or BitBucket, it handles code versioning and also deployments among other things" - Title: [What can GitLab do?](https://www.g2.com/discussions/what-can-gitlab-do) — 2 comments > **Top comment:** "Gitlab can keep your source on cloud, It can run continuous deployment, continuous integration pipelines, It can even track issues." - Title: [Why does GitLab Server goes down?](https://www.g2.com/discussions/why-does-gitlab-server-goes-down) — 2 comments, 1 upvote > **Top comment:** "-We determine if the GitLab server is returning an error message that indicates some sort of problem. These types of errors generally mean that a visitor --..." --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/burp-suite-vs-checkmarx-vs-gitlab)