We performed a comparison between Checkmarx One and Imperva Web Application Firewall based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The user interface is excellent. It's very user friendly."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The SAST component was absolutely 100% stable."
"If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency."
"Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code."
"The most valuable features of the Imperva Web Application Firewall are DDoS, malware, and the other malicious threat prevention it provides. Additionally, third-party integration is available. You can forward the log for further analysis."
"The tool's profiling feature maps all the web application directories and related components on the profile directory. It has improved the security of my client's website applications."
"The dynamic profiling of websites is the solution's most valuable feature. The security is also good."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"Very scalable and very stable firewall for web applications, with a good interface in its cloud version. Mitigation is its most valuable feature. The technical support for this product is also good."
"Imperva is a Gartner leader, so its scalability, performance, and features are excellent."
"The pricing can get a bit expensive, depending on the company's size."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"Checkmarx could improve by reducing the price."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"The validation process needs to be sped up."
"I would like to see the tool’s pricing improved."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."
"I think that better bot protection is needed in this solution."
"They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution."
"Imperva Web Application Firewall is very expensive."
"The solution works for particular zones but isn't always the best solution for all zones."
"It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size. Learning capability of the device is quite weak."
"Sometimes our web application firewall will slow down."
"There's always room for improvement. Occasionally, there might be false-positive alerts."
More Imperva Web Application Firewall Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 47 reviews. Checkmarx One is rated 7.6, while Imperva Web Application Firewall is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Imperva Web Application Firewall is most compared with AWS WAF, F5 Advanced WAF, Microsoft Azure Application Gateway, Fortinet FortiWeb and Azure Front Door. See our Checkmarx One vs. Imperva Web Application Firewall report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.