Checkmarx One vs NGINX App Protect comparison

Cancel
You must select at least 2 products to compare!
Checkmarx Logo
0 views|39 comparisons
86% willing to recommend
F5 Logo
432 views|331 comparisons
94% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.

Find out what your peers are saying about Noname Security, Salt Security, Checkmarx and others in API Security.
To learn more, read our detailed API Security Report (Updated: April 2024).
770,428 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application.""The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages.""The most valuable feature for me is the Jenkins Plugin.""It is a stable product.""The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools.""The most valuable features of Checkmarx are the automation and information that it provides in the reports.""The only thing I like is that Checkmarx does not need to compile.""The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."

More Checkmarx One Pros →

"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes.""It has the best documentation features.""The most valuable feature is that I can establish different services from the firewall.""NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks.""We were looking for a product that is capable of complete automation and a container based solution. It's working.""The initial setup was simple and took three to four days.""The most valuable feature of NGINX App Protect is the reverse proxy.""The stability of the product is very impressive since it handles 60,000 to 70,000 requests or transactions per second."

More NGINX App Protect Pros →

Cons
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement.""With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too.""The solution sometimes reports a false auditable code or false positive.""The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools.""One area for improvement in Checkmarx is pricing, as it's more expensive than other products.""There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver.""The pricing can get a bit expensive, depending on the company's size.""Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."

More Checkmarx One Cons →

"The integration of NGINX App Protect could improve.""Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI.""As far as scalability, it takes a long time for deployment.""I encountered issues with NGINX App Protect while trying to upgrade custom rules.""Currently, the policies have to be handled manually, and you have to create from scratch, which can be a bit time-consuming, in a large environment.""The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary.""It's challenging if you need to go for a high throughput.""Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."

More NGINX App Protect Cons →

Pricing and Cost Advice
  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."
  • More Checkmarx One Pricing and Cost Advice →

  • "The licensing fees for this solution are pretty expensive for what it does, but there is no alternative."
  • "Our licensing costs are about $40,000 a year."
  • "Really understand the licensing model, because we underestimated that."
  • "There are no additional fees."
  • "NGINX is not expensive."
  • "The pricing is reasonable because NGINX operates on an instance basis."
  • "There is a license needed to use NGINX App Protect."
  • "There are not any additional costs we had to pay to use NGINX App Protect."
  • More NGINX App Protect Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which API Security solutions are best for your needs.
    770,428 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Top Answer:The solution's price is high and you pay based on the number of users.
    Top Answer:The solution has yearly, three-year, and five-year subscriptions.
    Top Answer:NGINX App Protect could provide a better user interface.
    Ranking
    3rd
    out of 22 in API Security
    Views
    0
    Comparisons
    39
    Reviews
    21
    Average Words per Review
    513
    Rating
    7.7
    4th
    out of 22 in API Security
    Views
    432
    Comparisons
    331
    Reviews
    9
    Average Words per Review
    334
    Rating
    8.7
    Comparisons
    Also Known As
    NGINX WAF, NGINX Web Application Firewall
    Learn More
    Overview

    Checkmarx is a highly accurate and flexible static code analysis product that allows organizations to automatically scan uncompiled code and identify hundreds of security vulnerabilities in all major coding languages and software frameworks. Checkmarx is available as a standalone product and can be effectively integrated into the software development lifecycle (SDLC) to streamline vulnerability detection and remediation. Checkmarx is trusted by leading organizations such as SAP, Samsung, and Salesforce.com.

    Checkmarx is a global leader in software security solutions for modern software development. Checkmarx delivers a comprehensive software security platform that unites with DevOps by scanning uncompiled source code for security vulnerabilities early in the development life cycle to reduce and remediate risk from software vulnerabilities. Using Checkmarx, teams avoid software security vulnerabilities managed via a single and unified dashboard without slowing down their delivery schedule.

    Checkmarx balances the needs of the entire organization, delivering seamless security from the start and throughout the entire software development life cycle. Checkmarx can be deployed on-premises in a private data center or hosted via a public cloud.

    Checkmarx Features

    Some of Checkmarx’s features include:

    • Source code scanning: Detect and repair more vulnerabilities before you release your code.

    • Open-source scanning: Find and eliminate the risks in your open-source code.

    • Interactive code scanning: Scan for vulnerabilities and runtime threats.

    • Open-source security for infrastructure as code: Identify and fix insecure IaC configurations that put your application at risk.

    Reviews from Real Users

    Checkmarx stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to secure their code with a single management dashboard and its high-speed scanning abilities.

    PeerSpot users note the effectiveness of these features. A CEO at a tech services company writes, “The most valuable features are the easy-to-understand interface, and it’s very user-friendly. We spend some time tuning to start scanning a new project, which is only a few clicks. A few simple tunes for custom rules and we can start our scan. We can do the work quickly and we don't need to compile the source code because Checkmarx does the work without compiling the project. The scanning is very quick. It's about 20,000 lines per hour, which is a good speed for scanning.”

    A director at a tech services company notes, “The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important.”

    A senior manager at a manufacturing company writes, “The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."

    NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

    • Integrating security controls directly into the development automation pipeline
    • Applying and managing security for modern and distributed application environments such as containers and microservices
    • Providing the right level of security controls without impacting release and go-to-market velocity
    • Complying with security and regulatory requirements

    NGINX App Protect offers:

    • Expanded security beyond basic signatures to ensure adequate controls
    • F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
    • Confidently run in “blocking” mode in production with proven F5 expertise
    • High‑confidence signatures for extremely low false positives
    • Increases visibility, integrating with third‑party analytics solutions
    • Integrates security and WAF natively into the CI/CD pipeline
    • Deploys as a lightweight software package that is agnostic of underlying infrastructure
    • Facilitates declarative policies for “security as code” and integration with DevOps tools
    • Decreases developer burden and provides feedback loop for quick security remediation
    • Accelerates time to market and reduces costs with DevSecOps‑automated security
    Sample Customers
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    Information Not Available
    Top Industries
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Insurance Company5%
    REVIEWERS
    Financial Services Firm33%
    Comms Service Provider33%
    Insurance Company17%
    Computer Software Company17%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm11%
    Comms Service Provider9%
    Healthcare Company7%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise72%
    REVIEWERS
    Small Business26%
    Midsize Enterprise26%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise14%
    Large Enterprise61%
    Buyer's Guide
    API Security
    April 2024
    Find out what your peers are saying about Noname Security, Salt Security, Checkmarx and others in API Security. Updated: April 2024.
    770,428 professionals have used our research since 2012.

    Checkmarx One is ranked 3rd in API Security with 67 reviews while NGINX App Protect is ranked 4th in API Security with 19 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Cloudflare Web Application Firewall.

    See our list of best API Security vendors.

    We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.