We performed a comparison between Checkmarx One and Wallarm NG WAF based on real PeerSpot user reviews.
Find out in this report how the two API Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The setup is fairly easy. We didn't struggle with the process at all."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"Helps us to monitor situation in regards to attacks to our sites and prevents a lot of them."
"The solution sometimes reports a false auditable code or false positive."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"Checkmarx needs to be more scalable for large enterprise companies."
"I would like to see the tool’s pricing improved."
"The biggest problem for us was the stability and speed using the first version of Wallarm. Now, it is fine."
Earn 20 points
Checkmarx One is ranked 3rd in API Security with 67 reviews while Wallarm NG WAF is ranked 8th in API Security. Checkmarx One is rated 7.6, while Wallarm NG WAF is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Wallarm NG WAF writes "Active threat detection and adaptive rules are the most valuable for us". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Wallarm NG WAF is most compared with Salt Security, Noname Security, AWS WAF, F5 Advanced WAF and Cloudflare. See our Checkmarx One vs. Wallarm NG WAF report.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.