• Home
  • AWS WAF vs. Checkmarx One

AWS WAF vs Checkmarx One comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo
AWS WAF
Read 52 AWS WAF reviews
16,768 views|13,139 comparisons
82% willing to recommend
Checkmarx Logo
Checkmarx One
Read 67 Checkmarx One reviews
33,068 views|21,374 comparisons
86% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Web Application Firewall (WAF)
May 2024
Executive Summary

We performed a comparison between AWS WAF and Checkmarx One based on real PeerSpot user reviews.

Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF).
To learn more, read our detailed Web Application Firewall (WAF) Report (Updated: May 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Manikandan-R
Sends useful alerts and enables to automate tasks by creating rules
ALB is integrated with WAF. When ALB spikes up, we know there’s something wrong. Usually, bots attack the applications.
Anonymous User
Responsive support, useful code-checking module, and high availability
Checkmarx detected code sections that did not adhere to best practices. After being informed, the programmers were able to rectify some of the... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"As a basic WAF, it's better than nothing. So if you need something simple out of the box with default features, AWS WAF is good.""AWS WAF is very easy to use and configure on AWS.""This product supplies options for web security for applications accessing sensitive information.""The solution's initial setup process is easy.""We preferred the product based on its cost. AWS WAF is an out-of-the-box solution and integrates with the AWS services that we use. It's natively integrated with AWS.""The web solution effectively protects from vulnerabilities and cyber attacks.""The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications.""The initial setup was very straightforward. Deployment took about ten minutes or less."

More AWS WAF Pros →

"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility.""It gives the proper code flow of vulnerabilities and the number of occurrences.""The solution has good performance, it is able to compute in 10 to 15 minutes.""We use the solution to validate the source code and do SAST and security analysis.""The most valuable feature for me is the Jenkins Plugin.""The solution is scalable, but other solutions are better.""The most valuable features are the easy to understand interface, and it 's very user-friendly.""The most valuable feature is the application tracking reporting."

More Checkmarx One Pros →

Cons
"This solution could be improved if the configuration steps were more specific to WAF, compared to other cloud services.""The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively.""The default content policy available in the tool is not very strong compared to the competitors.""The price could be improved.""The solution should identify why it blocks particular websites.""The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure.""It's a bit difficult to apply the right rules for the right security.""For uniformity, AWS has a well-accepted framework. However, it'll be better for us if we could have some more documented guidelines on how the specific business should be structured and the roles that the cloud recommends."

More AWS WAF Cons →

"Checkmarx has a slightly difficult compilation with the CI/CD pipeline.""The pricing can get a bit expensive, depending on the company's size.""There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver.""When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped.""They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server.""It would be really helpful if the level of confidence was included, with respect to identified issues.""Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices.""We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."

More Checkmarx One Cons →

Pricing and Cost Advice
  • "It's an annual subscription."
  • "There are no costs in addition to the standard licensing fees."
  • "There are different scale options available for WAF."
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."

    • More AWS WAF Pricing and Cost Advice →

  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."

    • More Checkmarx One Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    What are the limitations of AWS WAF vs alternative WAFs?
    Top Answer:Hi Varun I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF… more »
    Read all 2 answers   →
    How does AWS WAF compare to Microsoft Azure Application Gateway?
    Top Answer:Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    What do you like most about AWS WAF?
    Top Answer:The most valuable feature of AWS WAF is its highly configurable rules system.
    Read all 40 answers   →
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Read all 4 answers   →
    What do you like most about Checkmarx?
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Checkmarx?
    Top Answer:The solution's price is high and you pay based on the number of users.
    Read all 25 answers   →
    Ranking
    1st
    out of 82 in Web Application Firewall (WAF)
    Views
    16,768
    Comparisons
    13,139
    Reviews
    30
    Average Words per Review
    415
    Rating
    8.4
    3rd
    out of 75 in Application Security Tools
    Views
    33,068
    Comparisons
    21,374
    Reviews
    19
    Average Words per Review
    508
    Rating
    7.8
    Comparisons
    Also Known As
    AWS Web Application Firewall
    Learn More
    Amazon Web Services (AWS)
    Checkmarx
    Overview

    AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.

    You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.

    AWS WAF Features

    Some of the solution's top features include:

    • Web traffic filtering: Get an extra layer of security by creating a centralized set of rules, easily deployable across multiple websites. These rules filter out web traffic based on conditions like HTTP headers, URIs, and IP addresses. This is very helpful for protection against exploits such as SQL injection and cross-site scripting as well as attacks from third-party applications.
    • Bot control: Malicious bot traffic can consume excessive resources and cause downtime. Gain visibility and control over bot traffic with a managed rule group. You can easily block harmful bots, such as scrapers and crawlers, and you can allow common bots, like search engines and status monitors.
    • Fraud prevention: Effectively defend your application against bot attacks by monitoring your application’s login page with a managed rule group that prevents hackers from accessing user accounts using compromised credentials. The managed rule group helps protect against credential stuffing attacks, brute-force login attempts, and other harmful login activities.
    • API for AWS WAF Management: Automatically create and maintain rules and integrate them into your development process.
    • Metrics for real-time visibility: Receive real-time metrics and captures of raw requests with details about geo-locations, IP addresses, URIs, user agents, and referrers. Integrate seamlessly with Amazon CloudWatch to set up custom alarms when events or attacks occur. These metrics provide valuable data intelligence that can be used to create new rules that significantly improve your application protections.
    • Firewall management: AWS Firewall Manager automatically scans and notifies the security team when there is a policy violation, so they can swiftly take action. When new resources are created, your security team can guarantee that they comply with your organization’s security rules.

    Reviews from Real Users

    AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.

    Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”

    Checkmarx One is an enterprise cloud-native application security platform focused on providing cross-tool, correlated results to help AppSec and developer teams prioritize where to focus time and resources.

    Checkmarx One offers comprehensive application scanning across the SDLC:

    • Static Application Security Testing (SAST)
    • Software Composition Analysis (SCA)
    • API security
    • Dynamic Application Security Testing (DAST)
    • Container security
    • IaC security
    • Correlation, prioritization, and risk management
    • Codebashing secure code training
    • AI security
    • Tech partnerships extending AppSec into runtime analysis
    • Developer tool integrations including: CI/CD tools, development frameworks, feedback tools, IDEs, programming languages and SCMs

    Checkmarx One provides everything you need to secure application development from the first line of code through deployment and runtime in the cloud. With an ever-evolving set of AppSec engines, correlation and prioritization features, and AI capabilities, Checkmarx One helps consolidate expanding lists of AppSec tools and make better sense of results. Its capabilities are designed to provide an improved developer experience to build trust with development teams and ensure the success of your AppSec program investment.

    Sample Customers
    eVitamins, 9Splay, Senao International
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    Top Industries
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company13%
    Energy/Utilities Company8%
    Financial Services Firm8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company7%
    Insurance Company6%
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Government5%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise20%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise14%
    Large Enterprise63%
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise71%
    Buyer's Guide
    Web Application Firewall (WAF)
    May 2024
    Download Free Report
    Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF). Updated: May 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews. AWS WAF is rated 8.0, while Checkmarx One is rated 7.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Fortinet FortiWeb, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.