We performed a comparison between Checkmarx One and Imperva Web Application Firewall based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"Apart from software scanning, software composition scanning is valuable."
"The report function is the solution's greatest asset."
"The solution allows us to create custom rules for code checks."
"Both automatic and manual code review (CxQL) are valuable."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"It has all the features we need."
"The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand."
"The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself."
"There are some features that are configured by default, so even without doing much, it can still provide a level of protection."
"The solution is stable."
"The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications."
"There are a number of features that are valuable such as the account takeover and various antivirus features."
"Learning mode and custom policies are helpful features."
"The most valuable features of the Imperva Web Application Firewall are DDoS, malware, and the other malicious threat prevention it provides. Additionally, third-party integration is available. You can forward the log for further analysis."
"Checkmarx is not good because it has too many false positive issues."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"Micro-services need to be included in the next release."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"I'd like the option to pick your bot protection."
"The process to upgrade from one version to another can be a lot simpler than it is currently."
"I think that better bot protection is needed in this solution."
"The support for the on-premises version needs improvement."
"I loved the approach of the cloud. The cloud has a lot of new features, like advanced web protection and DDoS protection. If those could also be on-boarded onto the on-prem versions, that would be ideal. They need to pay attention to both deployment options and not just favor one."
"They can provide an option to create reports, automatically import the entire report, and create rules again. In a real-life crisis, it would be helpful to be able to import a report and generate security rules from that report. I should be able to create a simple query and import the reports automatically. It can maybe also tell us the format of the report."
"Imperva Web Application Firewall could improve the console by making it easier to use."
"There could be some limitations that from the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go. Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering."
More Imperva Web Application Firewall Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 46 reviews. Checkmarx One is rated 7.6, while Imperva Web Application Firewall is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Imperva Web Application Firewall is most compared with AWS WAF, F5 Advanced WAF, Microsoft Azure Application Gateway, Fortinet FortiWeb and Azure Front Door. See our Checkmarx One vs. Imperva Web Application Firewall report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.