We performed a comparison between Check Point CloudGuard WAF and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."On the endpoint side, the most valuable feature is undoubtedly the cloud-based management capability, along with the ransomware protection, despite not encountering any instances so far."
"The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspection."
"The portal is quite intuitive."
"The most valuable feature we have found in Check Point CloudGuard WAF is its rich logging capabilities."
"Its ability to adapt to our applications and ensure our security policies are followed is a big plus."
"It is a very scalable and stable solution."
"The tool helps us to block IPs and applications."
"I find the configuration and real-time monitoring features valuable."
"The SAST component was absolutely 100% stable."
"The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"Helps us check vulnerabilities in our SAP Fiori application."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"Most valuable features include: ease of use, dashboard. interface and the ability to report."
"The value you can get out of the speedy production may be worth the price tag."
"I would like to be able to integrate the theme of Artificial Intelligence to help review issues and to monitor and view the security issue while also suggesting and interpreting and additionally configuring solutions - basically, acting as an interpreter."
"There are occasions when it interfaces with other systems, leading to a loss of visibility."
"Check Point CloudGuard Application Security needs to improve updates on integrations. It also needs to incorporate real-time monitoring features."
"The trial version should be extended further so that QA test engineers can actually test the utilities in a real sense and can provide the maximum amount of feedback for enhancements."
"Improving the process for handling licensing renewals would be a welcome enhancement."
"It was costlier than other solutions."
"CloudGuard could improve in areas such as ease of integration with Fortinet and reducing costs associated with deployment in cloud environments like Azure."
"A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"The cost per user is high and should be reduced."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"The solution's user interface could be improved because it seems outdated."
"The tool is currently quite static in terms of finding security vulnerabilities. It would be great if it was more dynamic and we had even more tools at our disposal to keep us safe. It would help if there was more scanning or if the process was more automated."
"They could work to improve the user interface. Right now, it really is lacking."
Check Point CloudGuard WAF is ranked 11th in Application Security Tools with 30 reviews while Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews. Check Point CloudGuard WAF is rated 9.0, while Checkmarx One is rated 7.6. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Check Point CloudGuard WAF is most compared with SonarQube, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity. See our Check Point CloudGuard WAF vs. Checkmarx One report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
