We performed a comparison between AWS WAF and Checkmarx One based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."This is not a product that you need to install. You just use it."
"AWS has flexibility in terms of WAF rules."
"AWS WAF helps mitigate different kinds of bot attacks and SQL injection that happen within the retail industry."
"As a basic WAF, it's better than nothing. So if you need something simple out of the box with default features, AWS WAF is good."
"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements."
"The tool’s stability is very good."
"The most valuable features are the geo-restriction denials and the web ACL."
"The access instruction feature is the most valuable. This is what we use the most."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The value you can get out of the speedy production may be worth the price tag."
"We use the solution to validate the source code and do SAST and security analysis."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"Our static operation security has been able to identify more security issues since implementing this solution."
"It is a stable product."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"The most valuable feature is the application tracking reporting."
"In a future release of this solution, I would like to see additional management features to make things simpler."
"The cost must be reduced."
"I would like to see it more tightly integrated with other AWS services."
"They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats."
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"On the UI side, I would like it if they could bring back the geolocation view on the corner."
"It will be helpful if the product recommends rules that we can implement."
"When users choose the free service, there isn't great support available to them."
"The solution sometimes reports a false auditable code or false positive."
"Its user interface could be improved and made more friendly."
"I would like to see the DAST solution in the future."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"Checkmarx could improve by reducing the price."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews. AWS WAF is rated 8.0, while Checkmarx One is rated 7.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Fortinet FortiWeb, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.