Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs OpenText Dynamic Application Security Testing comparison

Checkmarx and OpenText are both solutions in the Dynamic Application Security Testing (DAST) category. Checkmarx is ranked #4 with an average rating of 8.3, while OpenText is ranked #3 with an average rating of 8.0. Checkmarx holds a 13.0% mindshare in DAST, compared to OpenText’s 17.7% mindshare. Additionally, 87% of Checkmarx users are willing to recommend the solution, compared to 83% of OpenText users who would recommend it.
Checkmarx One
Read 71 Checkmarx One reviews
  • 18,550 Views
  • 557 Comparison Views
87% willing to recommend
OpenText Dynamic Applicatio...
Read 22 OpenText Dynamic Application Security Testing reviews
  • 3,107 Views
  • 839 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 21, 2025

Checkmarx One and OpenText Dynamic Application Security Testing compete in the dynamic application security testing market. Checkmarx One has the upper hand due to its developer-friendly approach and robust integration capabilities.

Features:Checkmarx One offers developer-friendly static application security testing with fewer false positives. It supports multiple languages and enables incremental scanning. OpenText DAST excels in live vulnerability scanning without needing source code and provides detailed reporting capabilities.

Room for Improvement:Checkmarx One needs to reduce false positives, improve role management, and enhance language support for emerging languages. OpenText DAST users suggest improving user-friendliness for non-developers, enhancing authentication handling during scans, and simplifying the interface.

Ease of Deployment and Customer Service:Checkmarx One provides flexible deployment models, including on-premises, cloud, and hybrid, making it versatile for users. Customer service receives mixed feedback due to technical support responsiveness. OpenText DAST, mainly deployed on-premises with optional cloud support, is reliable but occasionally cumbersome in setup. Customer service is generally appreciated for being knowledgeable and responsive.

Pricing and ROI:Checkmarx One's pricing is on the higher side, reflecting its comprehensive feature set and effectiveness, offering good ROI by improving development speed and security practices. OpenText DAST also has high pricing, justified by its live application security capabilities. Both offer valuable testing, though Checkmarx One provides greater pricing transparency compared to OpenText DAST's varied pricing structures.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Checkmarx One vs. OpenText Dynamic Application Security Testing Report (Updated: September 2025).
Buyer's Guide
Checkmarx One vs. OpenText Dynamic Application Security Testing
September 2025
Download the complete report
Helped 868,759 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Checkmarx One
Ranking in Dynamic Application Security Testing (DAST)
4th
Ranking in DevSecOps
5th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
71
Ranking in other categories
Application Security Tools (3rd), Static Application Security Testing (SAST) (3rd), Vulnerability Management (23rd), Container Security (23rd), Static Code Analysis (3rd), API Security (6th), Risk-Based Vulnerability Management (10th), Application Security Posture Management (ASPM) (3rd)
OpenText Dynamic Applicatio...
Ranking in Dynamic Application Security Testing (DAST)
3rd
Ranking in DevSecOps
8th
Average Rating
7.2
Reviews Sentiment
6.1
Number of Reviews
22
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2025, in the Dynamic Application Security Testing (DAST) category, the mindshare of Checkmarx One is 13.0%, down from 18.1% compared to the previous year. The mindshare of OpenText Dynamic Application Security Testing is 17.7%, down from 21.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST) Market Share Distribution
ProductMarket Share (%)
OpenText Dynamic Application Security Testing17.7%
Checkmarx One13.0%
Other69.3%
Dynamic Application Security Testing (DAST)
 

Featured Reviews

Syed Hasan - PeerSpot reviewer
Partner experiences excellent technical support and seamless initial setup
In my opinion, if we are able to extract or show the report, and because everything is going towards agent tech and GenAI, it would be beneficial if it could get integrated with our code base and do the fix automatically. It could suggest how the code base is written and automatically populate the source code with three different solution options to choose from. This would be really helpful.
Read full review
Navin N - PeerSpot reviewer
Effective scanning of diverse file extensions with fast reporting and issue resolution
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this.  Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The user interface is excellent. It's very user friendly."
"The tool's valuable features include integrating GPT and Copilot. Additionally, the UI web representation is very user-friendly, making navigation easy. GPT has made several improvements to my security code."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The setup is fairly easy. We didn't struggle with the process at all."
"The most valuable features of Checkmarx are its integration with multiple SCM solutions and CICD tools, its ability to scale according to user licenses, and the quick scanning process."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
More Checkmarx One pros
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"The accuracy of its scans is great."
"The most valuable feature of this solution is the ability to make our customers more secure."
"The transaction recorder within WebInspect is easy to use, which is valuable for our team."
"It is scalable and very easy to use."
"It is easy to use, and its reporting is fairly simple."
"The tool provides comprehensive vulnerability assessments which help ensure our deliverables are as free from vulnerabilities as possible. It has also streamlined our web application vulnerability assessments, assisting us in delivering secure applications to our clients."
"The user interface is ok and it is very simple to use."
More OpenText Dynamic Application Security Testing pros
 

Cons

"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"Checkmarx could improve by reducing the price."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"The solution's user interface could be improved because it seems outdated."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"Checkmarx could improve the speed of the scans."
"Meta data is always needed."
More Checkmarx One cons
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"A localized version, for example, in Korean would be a big improvement to this solution."
"The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate."
"The scanner could be better."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"We have often encountered scanning errors."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
More OpenText Dynamic Application Security Testing cons
 

Pricing and Cost Advice

"The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
"The price of Checkmarx could be reduced to match their competitors, it is expensive."
"Most of my customers opted for a perpetual license. They prefer to pay the highest amount up front for the perpetual license and then pay for additional support annually."
"​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
"It is not expensive, but sometimes, their pricing model or licensing model is not very clear. There are similar variables, such as projects or developers, and sometimes, it is a little bit confusing."
"The pricing was not very good. This is just a framework which shouldn’t cost so much."
"It is the right price for quality delivery."
"The solution is costly."
More Checkmarx One pricing and cost advice
"It’s a fair price for the solution."
"This solution is very expensive."
"Our licensing is such that you can only run one scan at a time, which is inconvenient."
"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
"The price is okay."
"Fortify WebInspect is a very expensive product."
"The pricing is not clear and while it is not high, it is difficult to understand."
report
See which vendors are best for you
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
See recommendations
868,759 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
13%
Manufacturing Company
10%
Government
6%
Financial Services Firm
15%
Government
15%
Manufacturing Company
12%
Computer Software Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise9
Large Enterprise38
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise1
Large Enterprise15
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
See all answers
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
See all answers
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
See all answers
What is your experience regarding pricing and costs for Fortify WebInspect?
While I am not directly involved with licensing, I can share that our project's license for 1-9 applications costs between $15,000 to $19,000. In comparison, Burp Suite costs approximately $500 to ...
See all answers
What needs improvement with Fortify WebInspect?
WebInspect works efficiently with Java-based or .NET based applications. However, it struggles with Salesforce applications, where it requires approximately 20-24 hours to crawl and audit but produ...
See all answers
What is your primary use case for Fortify WebInspect?
I am currently working with several tools. For Fortify, I use SCA and WebInspect. Apart from that, I use Burp Suite from PortSwigger. For API testing, I use Postman with Burp Suite or WebInspect fo...
See all answers
 

Comparisons

SonarQube Server (formerly SonarQube) vs Checkmarx One Logo
SonarQube Server (formerly SonarQube) vs Checkmarx One
Compared 44% of the time
Veracode vs Checkmarx One Logo
Veracode vs Checkmarx One
Compared 8% of the time
Checkmarx SAST vs Checkmarx One Logo
Checkmarx SAST vs Checkmarx One
Compared 7% of the time
OpenText Core Application Security vs Checkmarx One Logo
OpenText Core Application Security vs Checkmarx One
Compared 5% of the time
GitHub Advanced Security vs Checkmarx One Logo
GitHub Advanced Security vs Checkmarx One
Compared 4% of the time
More Checkmarx One Competitors
PortSwigger Burp Suite Professional vs OpenText Dynamic Application Security Testing Logo
PortSwigger Burp Suite Professional vs OpenText Dynamic Application Security Testing
Compared 18% of the time
OWASP Zap vs OpenText Dynamic Application Security Testing Logo
OWASP Zap vs OpenText Dynamic Application Security Testing
Compared 11% of the time
Veracode vs OpenText Dynamic Application Security Testing Logo
Veracode vs OpenText Dynamic Application Security Testing
Compared 9% of the time
HCL AppScan vs OpenText Dynamic Application Security Testing Logo
HCL AppScan vs OpenText Dynamic Application Security Testing
Compared 8% of the time
GitLab vs OpenText Dynamic Application Security Testing Logo
GitLab vs OpenText Dynamic Application Security Testing
Compared 3% of the time
More OpenText Dynamic Application Security Testing Competitors
 

Product Reports

Buyer's Guide
Checkmarx One
September 2025
Checkmarx One reportDownload Checkmarx One product report
Buyer's Guide
OpenText Dynamic Application Security Testing
September 2025
OpenText Dynamic Application Security Testing reportDownload OpenText Dynamic Application Security Testing product report
 

Also Known As

No data available
Micro Focus WebInspect, WebInspect
 

Overview

Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

Checkmarx One offers comprehensive application scanning across the SDLC:

  • Static Application Security Testing (SAST)
  • Software Composition Analysis (SCA)
  • API security
  • Dynamic Application Security Testing (DAST)
  • Container security
  • IaC security
  • Correlation, prioritization, and risk management
  • Codebashing secure code training
  • AI security
  • Tech partnerships extending AppSec into runtime analysis
  • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

Checkmarx

OpenText Dynamic Application Security Testing offers robust scalability, ease of use, and high accuracy in scanning, making it a valuable tool for enterprises.

This security testing platform is known for its centralized dashboard, guided scans, and comprehensive reporting. It integrates seamlessly with tools like Fortify code scanner and supports extensive vulnerability detection and analysis, enhancing efficiency in security management. Despite its strengths, users suggest improvements in cloud integration, cost-effectiveness, and installation processes. Faster scans, reduced false positives, and improved mobile testing features are also desired.

What are the key features of OpenText Dynamic Application Security Testing?
  • Scalability: Easily adapts to changing enterprise needs.
  • Ease of Use: User-friendly interface with guided scans.
  • Comprehensive Reporting: Detailed vulnerability analysis and reporting.
  • Integration Capabilities: Works with Fortify code scanner and user authentication scanning.
  • Wide Vulnerability Detection: Identifies extensive security vulnerabilities.
What benefits should users expect from reviews?
  • Efficient Vulnerability Management: Streamlines security management in development environments.
  • Detailed Analysis: Provides in-depth insights into security issues.
  • Quick Setup: Easy to deploy within existing systems.
  • Enterprise Preference: Supports enterprise environments efficiently.

In industries like BFSI, OpenText Dynamic Application Security Testing is employed for performance network application testing, dynamic and static application security testing, and code checks. Security and QA teams use it in development processes to ensure application security prior to release, proving integral in both enterprise and testing environments.

OpenText
 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Aaron's
Buyer's Guide
Checkmarx One vs. OpenText Dynamic Application Security Testing
September 2025
Free Report: Checkmarx One vs. OpenText Dynamic Application Security Testing
Find out what your peers are saying about Checkmarx One vs. OpenText Dynamic Application Security Testing and other solutions. Updated: September 2025.
DOWNLOAD NOW
868,759 professionals have used our research since 2012.
See our Checkmarx One vs. OpenText Dynamic Application Security Testing report.
See our list of best Dynamic Application Security Testing (DAST) vendors and best DevSecOps vendors.

We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.