We performed a comparison between Check Point CloudGuard WAF and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."User attitude reviews help us keep all online users compliant with company regulations and policies."
"The solution's strongest point is that you can connect everything to it, giving you a full view of what's connected."
"It provides advanced analytics that gives each team time to prepare for any threat that might occur in the future."
"Its ability to adapt to our applications and ensure our security policies are followed is a big plus."
"The most effective CloudGuard feature for threat prevention is its web app protection."
"The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps."
"It offers good functionality of the application that is currently running."
"It offers high performance and improved productivity for users."
"It has all the features we need."
"The solution is scalable, but other solutions are better."
"We use the solution to validate the source code and do SAST and security analysis."
"The UI is very intuitive and simple to use."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"Less false positive errors as compared to any other solution."
"There should be automation of threat detection, risk mitigation, and report generation."
"We would like the solution to be more economical since it is not accessible to all clients."
"Check Point CloudGuard Application Security needs to improve updates on integrations. It also needs to incorporate real-time monitoring features."
"I advise proactive threat detection intelligence offline, which can also help monitor and ensure system checks and compliances are in place."
"The coding configurations can be simplified to save time for IT teams and developers."
"A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection."
"CloudGuard could improve in areas such as ease of integration with Fortinet and reducing costs associated with deployment in cloud environments like Azure."
"For the next release, I would suggest considering features like enhanced threat intelligence integration."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"Micro-services need to be included in the next release."
Check Point CloudGuard WAF is ranked 11th in Application Security Tools with 29 reviews while Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews. Check Point CloudGuard WAF is rated 9.0, while Checkmarx One is rated 7.6. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Check Point CloudGuard WAF is most compared with SonarQube, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity. See our Check Point CloudGuard WAF vs. Checkmarx One report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.