We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out in this report how the two API Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution has good performance, it is able to compute in 10 to 15 minutes."
"Both automatic and manual code review (CxQL) are valuable."
"Scan reviews can occur during the development lifecycle."
"From my point of view, it is the best product on the market."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"Most valuable features include: ease of use, dashboard. interface and the ability to report."
"Vulnerability details is valuable."
"The most valuable feature is that it actually identifies the different criteria you can set to meet whatever standards you're trying to get your system accredited for."
"We were looking for a product that is capable of complete automation and a container based solution. It's working."
"The most valuable feature is that I can establish different services from the firewall."
"The most valuable feature of NGINX App Protect is its flexibility."
"The initial setup was simple and took three to four days."
"It is a very good tool for load balancing."
"It has the best documentation features."
"NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks."
"NGINX App Protect has complete control over the HTTP session."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"The integration could improve by including, for example, DevSecOps."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"The reports are good, but they still need to be improved considering what the UI offers."
"They could provide a better user interface."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
"NGINX App Protect could improve security."
"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."
"The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required."
"Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI."
"The dashboard could provide a more comprehensive view of the status of the connections."
"The solution needs to be improved in the e-commerce portal."
Checkmarx One is ranked 3rd in API Security with 67 reviews while NGINX App Protect is ranked 4th in API Security with 20 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Cloudflare Web Application Firewall. See our Checkmarx One vs. NGINX App Protect report.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
