We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out in this report how the two API Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI is user-friendly."
"Apart from software scanning, software composition scanning is valuable."
"The solution allows us to create custom rules for code checks."
"The user interface is modern and nice to use."
"The administration in Checkmarx is very good."
"It shows in-depth code of where actual vulnerabilities are."
"The solution communicates where to fix the issue for the purpose of less iterations."
"Our static operation security has been able to identify more security issues since implementing this solution."
"The policies are flexible based on the technologies you use."
"The most valuable feature is that there is a link in the system that will help to analyze the security of an application when something abnormal is found."
"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes."
"The most valuable feature is that I can establish different services from the firewall."
"We were looking for a product that is capable of complete automation and a container based solution. It's working."
"The initial setup was simple and took three to four days."
"The most valuable feature of NGINX App Protect is its open source."
"NGINX App Protect has complete control over the HTTP session."
"Its user interface could be improved and made more friendly."
"Checkmarx could be improved with more integration with third-party software."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"Checkmarx is not good because it has too many false positive issues."
"It is an expensive solution."
"They could work to improve the user interface. Right now, it really is lacking."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"As far as scalability, it takes a long time for deployment."
"The integration of NGINX App Protect could improve."
"It's challenging if you need to go for a high throughput."
"NGINX App Protect could improve security."
"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."
"I encountered issues with NGINX App Protect while trying to upgrade custom rules."
"The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required."
"Its technical support could be better."
Checkmarx One is ranked 4th in API Security with 67 reviews while NGINX App Protect is ranked 3rd in API Security with 20 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with Microsoft Azure Application Gateway, AWS WAF, Fortinet FortiWeb, F5 Advanced WAF and Cloudflare Web Application Firewall. See our Checkmarx One vs. NGINX App Protect report.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.