We performed a comparison between Checkmarx One and Fortinet FortiWeb based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"From my point of view, it is the best product on the market."
"The most valuable feature is the simple user interface."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"The UI is user-friendly."
"The solution allows us to create custom rules for code checks."
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
"The initial setup is pretty straightforward."
"The solution is stable."
"It is a stable product."
"The most valuable features in Fortinet FortiWeb are sandboxing and threat prevention."
"It is easy to install and to maintain."
"SSL Offloading simplifies the public certificate handling and brings additional protection features."
"FortiGate is a stable product."
"We have received some feedback from our customers who are receiving a large number of false positives."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"It is an expensive solution."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"The solution sometimes reports a false auditable code or false positive."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"We can run only one project at a time."
"We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point."
"The product’s stability could be improved."
"The solution could improve by being able to handle different use cases."
"They can introduce a scaled-down version for the SMB market. It would be very competitive in the environment."
"The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions."
"Their support needs improvement."
"The upgrade process could be a bit smoother."
"Centralized management of multiple devices, and GUI improvement, could reduce the learning curve."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. Checkmarx One is rated 7.6, while Fortinet FortiWeb is rated 8.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall. See our Checkmarx One vs. Fortinet FortiWeb report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.