We performed a comparison between Checkmarx One and Fortinet FortiWeb based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Vulnerability details is valuable."
"One of the most valuable features is it is flexible."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"Our static operation security has been able to identify more security issues since implementing this solution."
"The most valuable feature is the application tracking reporting."
"The solution is scalable, but other solutions are better."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"Both the internal firewall management and the cloud can be managed by a single console."
"When it comes to blocking unknown threats and attacks, I would give it the highest score possible. We first started using AWS and its Web Application Firewalls. That was okay, but it was quite a manual process to keep it up to date, whereas Fortinet is always up to date, and the default rules or the modules that you can turn on are very easy to use."
"The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability."
"Fortinet is a great SD-WAN player when it comes to security capabilities."
"It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs."
"One main feature we are very happy about is file security and upload functionality."
"The valuable feature of Fortinet FortiWeb vulnerability scanner"
"It is a stable product."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"Checkmarx could improve the speed of the scans."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"Its user interface could be improved and made more friendly."
"We can run only one project at a time."
"It is an expensive solution."
"The dashboards are not that configurable. Application-specific dashboards can be improved. If we have 50 applications, there should be something to see what's happening with these 50 applications. There could be a graph or a consolidated alert page where all alerts are inbuilt. They have other products that I can use, but this feature should be built into FortiWeb."
"Integration and learning about attacks. I would improve these areas by making FortiWeb integrate with other network technologies and feedback from multiple platforms."
"The solution could improve by providing more integration with solutions other than the Fortinet family."
"I know that we have run into some issues with an SSL certificate and how it functions. Sometimes this breaks connectivity or just limits certain websites that are whitelisted."
"A user interface or dashboard for troubleshooting is needed."
"The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product."
"The integration with other products should be improved."
"I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. Checkmarx One is rated 7.6, while Fortinet FortiWeb is rated 8.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall. See our Checkmarx One vs. Fortinet FortiWeb report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.