We performed a comparison between Check Point CloudGuard WAF and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps."
"With the solution, we managed to obtain complete comprehensive visibility of the entire environment in the cloud, thus having better control of each of the resources."
"It offers good functionality of the application that is currently running."
"They offer free trials, which is quite appreciative and grabs more attention from new users and businesses."
"I find the configuration and real-time monitoring features valuable."
"The solution's strongest point is that you can connect everything to it, giving you a full view of what's connected."
"It is a very scalable and stable solution."
"On the endpoint side, the most valuable feature is undoubtedly the cloud-based management capability, along with the ransomware protection, despite not encountering any instances so far."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The user interface is modern and nice to use."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"Less false positive errors as compared to any other solution."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection."
"The documentation needs to be updated, more improved, and simplified... so that even a beginner can start with this application. It can make things more beginner-friendly."
"For the next release, I would suggest considering features like enhanced threat intelligence integration."
"Cost reduction and trial period extension should be considered with some lucrative discount offerings in buying standard versions."
"It doesn't detect user activity like some of its competitors. It's not a vulnerability, but it's a legitimate activity that it doesn't detect. It only detects vulnerabilities or misconfigurations."
"CloudGuard could improve in areas such as ease of integration with Fortinet and reducing costs associated with deployment in cloud environments like Azure."
"I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service."
"I would like to be able to integrate the theme of Artificial Intelligence to help review issues and to monitor and view the security issue while also suggesting and interpreting and additionally configuring solutions - basically, acting as an interpreter."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"If it is a very large code base then we have a problem where we cannot scan it."
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"Meta data is always needed."
"I would like to see the tool’s pricing improved."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
Check Point CloudGuard WAF is ranked 11th in Application Security Tools with 30 reviews while Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews. Check Point CloudGuard WAF is rated 9.0, while Checkmarx One is rated 7.6. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Check Point CloudGuard WAF is most compared with SonarQube, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity. See our Check Point CloudGuard WAF vs. Checkmarx One report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.