We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out what your peers are saying about Noname Security, Salt Security, Checkmarx and others in API Security."The value you can get out of the speedy production may be worth the price tag."
"We use the solution to validate the source code and do SAST and security analysis."
"It is a stable product."
"The most valuable feature is the application tracking reporting."
"The solution allows us to create custom rules for code checks."
"The SAST component was absolutely 100% stable."
"One of the most valuable features is it is flexible."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"NGINX App Protect has complete control over the HTTP session."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
"The most valuable feature of NGINX App Protect is its flexibility."
"The most valuable feature of NGINX App Protect is the reverse proxy."
"The stability of the product is very impressive since it handles 60,000 to 70,000 requests or transactions per second."
"NGINX App Protect is stable."
"The initial setup was simple and took three to four days."
"The policies are flexible based on the technologies you use."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"They could work to improve the user interface. Right now, it really is lacking."
"Checkmarx could improve by reducing the price."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"They could provide a better user interface."
"As far as scalability, it takes a long time for deployment."
"The integration of NGINX App Protect could improve."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
"It's challenging if you need to go for a high throughput."
"Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time."
"NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution."
"I encountered issues with NGINX App Protect while trying to upgrade custom rules."
Checkmarx One is ranked 3rd in API Security with 67 reviews while NGINX App Protect is ranked 4th in API Security with 19 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Cloudflare Web Application Firewall.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.