We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out in this report how the two API Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The SAST component was absolutely 100% stable."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"The user interface is excellent. It's very user friendly."
"Our static operation security has been able to identify more security issues since implementing this solution."
"The tool's most valuable feature is the OWASP certification. Additionally, the tool's ability to enforce strong passwords and OTP within minutes is impressive. With its analytics and recommendations, it is a very good solution."
"It is a stable solution."
"We were looking for a product that is capable of complete automation and a container based solution. It's working."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
"It's very easy to deploy."
"The most valuable feature is that there is a link in the system that will help to analyze the security of an application when something abnormal is found."
"The stability of the product is very impressive since it handles 60,000 to 70,000 requests or transactions per second."
"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes."
"We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process."
"The reports are good, but they still need to be improved considering what the UI offers."
"Checkmarx could be improved with more integration with third-party software."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"If it is a very large code base then we have a problem where we cannot scan it."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"As far as scalability, it takes a long time for deployment."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."
"Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time."
"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."
"NGINX App Protect could improve security."
"I encountered issues with NGINX App Protect while trying to upgrade custom rules."
"The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required."
Checkmarx One is ranked 4th in API Security with 67 reviews while NGINX App Protect is ranked 3rd in API Security with 20 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with Microsoft Azure Application Gateway, AWS WAF, Fortinet FortiWeb, F5 Advanced WAF and Cloudflare Web Application Firewall. See our Checkmarx One vs. NGINX App Protect report.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
