# Checkmarx vs Synopsys Static Application Security Testing Comparison | | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Star Rating** | 4.2 out of 5 | 4.4 out of 5 | | **Total Reviews** | 36 | 10 | | **Largest Market Segment** | Enterprise (53.1% of reviews) | Mid-Market (77.8% of reviews) | | **Entry Level Price** | No pricing available | No pricing available | --- ## Top Pros & Cons ### Checkmarx Pros: - Implementation Ease (2 reviews) - User Interface (2 reviews) Cons: - False Positives (1 reviews) - Lacking Features (1 reviews) ### Synopsys Static Application Security Testing Pros: - Efficiency (2 reviews) - Integration Support (2 reviews) Cons: - Confusing Interface (1 reviews) - Difficulty for Beginners (1 reviews) --- ## Ratings Comparison | Rating | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Meets Requirements** | 8.6 (27 reviews) | 9.1 (9 reviews) | | **Ease of Use** | 8.2 (27 reviews) | 8.7 (9 reviews) | | **Ease of Setup** | 7.7 (13 reviews) | 8.3 (8 reviews) | | **Ease of Admin** | 7.9 (13 reviews) | 9.3 (7 reviews) | | **Quality of Support** | 8.3 (22 reviews) | 9.0 (8 reviews) | | **Has the product been a good partner in doing business?** | 8.3 (12 reviews) | 9.3 (7 reviews) | | **Product Direction (% positive)** | 7.5 (23 reviews) | 10.0 (10 reviews) | --- ## Pricing ### Checkmarx #### Entry-Level Pricing No pricing available #### Free Trial Yes ### Synopsys Static Application Security Testing #### Entry-Level Pricing No pricing available #### Free Trial No information available --- ## Features Comparison By Category ### Static Application Security Testing (SAST) | Product | Score | Reviews | |---|---|---| | **Checkmarx** | 7.8/10 | 6 | | **Synopsys Static Application Security Testing** | 8.2/10 | 8 | #### Administration | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **API / Integrations** | 8.3 (5 reviews) | 9.0 (7 reviews) | | **Extensibility** | 8.3 (5 reviews) | 8.3 (7 reviews) | #### Analysis | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Reporting and Analytics** | 8.6 (6 reviews) | 8.8 (8 reviews) | | **Issue Tracking** | 8.1 (6 reviews) | 9.0 (7 reviews) | | **Static Code Analysis** | 8.3 (6 reviews) | 8.8 (7 reviews) | | **Code Analysis** | 8.7 (5 reviews) | 8.8 (7 reviews) | #### Testing | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Command-Line Tools** | 7.7 (5 reviews) | 8.9 (6 reviews) | | **Manual Testing** | 7.3 (5 reviews) | 6.7 (7 reviews) | | **Test Automation** | Not enough data | 7.3 (8 reviews) | | **Compliance Testing** | Not enough data | 7.6 (7 reviews) | | **Black-Box Scanning** | Not enough data | 6.4 (6 reviews) | | **Detection Rate** | Not enough data | 9.3 (7 reviews) | | **False Positives** | 5.3 (5 reviews) | 7.8 (6 reviews) | #### Agentic AI - Static Application Security Testing (SAST) | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | ### Dynamic Application Security Testing (DAST) | Product | Score | Reviews | |---|---|---| | **Checkmarx** | N/A | N/A | | **Synopsys Static Application Security Testing** | N/A | N/A | #### Administration | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **API / Integrations** | Not enough data | Not enough data | | **Extensibility** | Not enough data | Not enough data | #### Analysis | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Reporting and Analytics** | Not enough data | Not enough data | | **Issue Tracking** | Not enough data | Not enough data | | **Static Code Analysis** | Not enough data | Not enough data | | **Vulnerability Scan** | Not enough data | Not enough data | | **Code Analysis** | Not enough data | Not enough data | #### Testing | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Manual Testing** | Not enough data | Not enough data | | **Test Automation** | Not enough data | Not enough data | | **Compliance Testing** | Not enough data | Not enough data | | **Black-Box Scanning** | Not enough data | Not enough data | | **Detection Rate** | Not enough data | Not enough data | | **False Positives** | Not enough data | Not enough data | ### Secure Code Review | Product | Score | Reviews | |---|---|---| | **Checkmarx** | N/A | N/A | | **Synopsys Static Application Security Testing** | N/A | N/A | #### Documentation | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Feedback** | Not enough data | Not enough data | | **Prioritization** | Not enough data | Not enough data | | **Remediation Suggestions** | Not enough data | Not enough data | #### Security | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **False Positives** | Not enough data | Not enough data | | **Custom Compliance** | Not enough data | Not enough data | | **Agility** | Not enough data | Not enough data | ### Static Code Analysis | Product | Score | Reviews | |---|---|---| | **Checkmarx** | N/A | N/A | | **Synopsys Static Application Security Testing** | N/A | N/A | #### Agentic AI - Static Code Analysis | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Adaptive Learning** | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | ### AI AppSec Assistants | Product | Score | Reviews | |---|---|---| | **Checkmarx** | N/A | N/A | | **Synopsys Static Application Security Testing** | N/A | N/A | #### Performance - AI AppSec Assistants | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Remediation** | Not enough data | Not enough data | | **Real-time Vulnerability Detection** | Not enough data | Not enough data | | **Accuracy** | Not enough data | Not enough data | #### Integration - AI AppSec Assistants | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Stack Integration** | Not enough data | Not enough data | | **Workflow Integration** | Not enough data | Not enough data | | **Codebase Contextual Awareness** | Not enough data | Not enough data | ### Interactive Application Security Testing (IAST) | Product | Score | Reviews | |---|---|---| | **Checkmarx** | N/A | N/A | | **Synopsys Static Application Security Testing** | N/A | N/A | #### Agentic AI - Interactive Application Security Testing (IAST) | Feature | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | --- ## Categories **Shared Categories (1):** [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast) **Unique to Checkmarx (5):** [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast) --- ## Reviewer Demographics ### By Company Size | Segment | Checkmarx | Synopsys Static Application Security Testing | |---|---|---| | **Small-Business** | 18.8% | 22.2% | | **Mid-Market** | 28.1% | 77.8% | | **Enterprise** | 53.1% | 0% | ### By Industry #### Checkmarx - **Computer Software:** 15.6% - **Information Technology and Services:** 15.6% - **Banking:** 9.4% - **Computer & Network Security:** 9.4% - **Automotive:** 6.3% - **Investment Banking:** 3.1% - **Internet:** 3.1% - **International Trade and Development:** 3.1% - **Insurance:** 3.1% - **Legal Services:** 3.1% - **Other:** 28.1% #### Synopsys Static Application Security Testing - **Information Technology and Services:** 30.0% - **Computer & Network Security:** 20.0% - **Renewables & Environment:** 10.0% - **Education Management:** 10.0% - **Computer Software:** 10.0% - **Banking:** 10.0% - **Automotive:** 10.0% --- ## Alternatives ### Alternatives to Checkmarx - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews) - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (890 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2346 reviews) - [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews) - [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews) - [OpenText Core Application Security](https://www.g2.com/products/opentext-core-application-security/reviews) — 4.1/5 stars (34 reviews) - [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) — 4.6/5 stars (69 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews) ### Alternatives to Synopsys Static Application Security Testing - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2346 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (890 reviews) - [GitGuardian](https://www.g2.com/products/gitguardian/reviews) — 4.8/5 stars (259 reviews) - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews) - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews) - [JFrog](https://www.g2.com/products/jfrog-2024-03-28/reviews) — 4.2/5 stars (120 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews) - [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews) - [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) — 4.6/5 stars (69 reviews) --- ## Top Discussions ### Checkmarx - Title: [What is Checkmarx used for?](https://www.g2.com/discussions/what-is-checkmarx-used-for) — 2 comments > **Top comment:** "Checkmarx is a static code analysis tool used for SAST (Static application security testing)" - Title: [What is Checkmarx used for?](https://www.g2.com/discussions/checkmarx-what-is-checkmarx-used-for) — 1 comment, 1 upvote > **Top comment:** "Checkmarx is an ultimate tool for Static code scan and analysis through code vulnerability testing, SCA and secret detections. They have a prebuilt engine to..." - Title: [Which testing method does Checkmarx support?](https://www.g2.com/discussions/which-testing-method-does-checkmarx-support) — 1 comment > **Top comment:** "Checkmarx does support all these testing methodologies -Sast, Dast, IAST, SCA " - Title: [Does Checkmarx support DAST?](https://www.g2.com/discussions/does-checkmarx-support-dast) — 1 comment > **Top comment:** "You cannot test DAST Testing using Checkmarx" ### Synopsys Static Application Security Testing No discussions available for this product. --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/checkmarx-vs-synopsys-static-application-security-testing)