We performed a comparison between Checkmarx One and Cloudflare based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature for me is the Jenkins Plugin."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"It is a stable product."
"The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"Generally, I am satisfied with this product."
"We're using dynamic components to build flexible pages to create and manage Git merge requests for code and reviews."
"I like Cloudflare's application gateway and DDoS protection."
"What I like best about Cloudflare is that my company can use it to trace and manage applications and monitor traffic. The solution tells you if there's a spike in traffic. Cloudflare also sends you a link to check your equipment and deployment and track it through peering, so it's a valuable tool."
"When using services like Heroku, Cloudflare is very useful for CNAME flattening. I also use it for their end-to-end SSL with TLS authentication on nginx for securing servers."
"The simplicity of the overall dashboard makes it a great product for a user like me who has less understanding of the internet than a developer or other more technical people. It gives me peace of mind. I also love the easy customization of the Page Rules."
"The solution offers the flexibility to control configuration rules."
"Smaller businesses have seen great ROI due to the low investment and strong performance."
"Checkmarx could improve the REST APIs by including automation."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"The pricing can get a bit expensive, depending on the company's size."
"The solution sometimes reports a false auditable code or false positive."
"Its user interface could be improved and made more friendly."
"Checkmarx needs to be more scalable for large enterprise companies."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"They lack a good way to manage DNS as a company, since everything is relegated to single account logins until you get to the higher levels. They have come out with a paid feature to remedy this, but I have not had a chance to fully review it yet to know if it fixes the access problem."
"If they improve on the placement of their data centers, it would be better. I'm living in a remote area. I would like to connect to them without any kind of lag."
"There should be a specific price list for enterprise-level customers."
"Cloudflare could offer a better view or maybe dashboards of the main resources used in the client."
"Sometimes their more advanced caching tools can cause higher first-byte times and problems with JavaScript."
"I would like Cloudflare to offer a dedicated account manager for large enterprise clients like us."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"The pricing could be improved."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 57 reviews. Checkmarx One is rated 7.6, while Cloudflare is rated 8.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, AWS Shield and Microsoft Azure Application Gateway. See our Checkmarx One vs. Cloudflare report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.