We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out in this report how the two API Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Vulnerability details is valuable."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"We use the solution to validate the source code and do SAST and security analysis."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The setup is fairly easy. We didn't struggle with the process at all."
"The report function is the solution's greatest asset."
"Apart from software scanning, software composition scanning is valuable."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The most valuable feature of NGINX App Protect is its open source."
"The stability of the product is very impressive since it handles 60,000 to 70,000 requests or transactions per second."
"It is a very good tool for load balancing."
"The most valuable feature is that I can establish different services from the firewall."
"The policies are flexible based on the technologies you use."
"NGINX App Protect is stable."
"We were looking for a product that is capable of complete automation and a container based solution. It's working."
"NGINX App Protect has complete control over the HTTP session."
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"Checkmarx is not good because it has too many false positive issues."
"It is an expensive solution."
"The solution's user interface could be improved because it seems outdated."
"The integration could improve by including, for example, DevSecOps."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"If it is a very large code base then we have a problem where we cannot scan it."
"NGINX App Protect could improve security."
"The price of NGINX App Protect could improve."
"NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution."
"The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required."
"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."
"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."
"It's challenging if you need to go for a high throughput."
"Its technical support could be better."
Checkmarx One is ranked 3rd in API Security with 67 reviews while NGINX App Protect is ranked 4th in API Security with 20 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with Microsoft Azure Application Gateway, AWS WAF, Fortinet FortiWeb, F5 Advanced WAF and Cloudflare Web Application Firewall. See our Checkmarx One vs. NGINX App Protect report.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.