We performed a comparison between Checkmarx One and Fortinet FortiWeb based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Most valuable features include: ease of use, dashboard. interface and the ability to report."
"The most valuable feature for me is the Jenkins Plugin."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"It shows in-depth code of where actual vulnerabilities are."
"The user interface is modern and nice to use."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"The UI is very intuitive and simple to use."
"Some of the threat detection analytics and the filtering capabilities they give us for filtering a certain type of information that we don't want coming into the site are its valuable features. The analytics are pretty good in terms of being able to see what threats have been detected and mitigated, where they're coming from, and things like that."
"All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features."
"We find that it is quite stable and reliable."
"What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options."
"The GUI is user-friendly."
"The valuable feature of Fortinet FortiWeb vulnerability scanner"
"FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure."
"The most valuable feature of Fortinet FortiWeb is the reports and the AI-based features."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
"We have received some feedback from our customers who are receiving a large number of false positives."
"The cost per user is high and should be reduced."
"The GUI could be better. It's limited."
"Lacks functionalities that are available in other solutions."
"Fortinet FortiWeb could improve data integration."
"FortiWeb needs to have support for the newest technology being used in web applications."
"I would like to see more improvements with respect to threat intelligence."
"The false positives are annoying."
"They could improve their support a little bit for faster response time."
"If the price was lower, it would be a bit more attractive, as an option, to the customers."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. Checkmarx One is rated 7.6, while Fortinet FortiWeb is rated 8.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall. See our Checkmarx One vs. Fortinet FortiWeb report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.