We performed a comparison between Checkmarx One and Cloudflare based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results."
"What I like best about Checkmarx is that it has fewer false positives than other products, giving you better results."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"The administration in Checkmarx is very good."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"We use the solution to validate the source code and do SAST and security analysis."
"The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions)."
"The web application firewall brought us good security and a view of the accesses/blocks of the entire domain and subdomain that were accessed both by region (country) and IPs."
"Cloudflare is a security SaaS provider that provides security and protects us from any application layer attack."
"Cloudflare has many features."
"Many websites require an SSL certificate because they sell stuff and want SSL. Cloudflare comes with an SSL certificate built in. It's automatic. You sign yourself up for Cloudflare, and an SSL certificate automatically protects your website. You don't necessarily need a certificate if you have a connection between your website and your host, the server, Cloudflare, and the host."
"What I like best about Cloudflare is that my company can use it to trace and manage applications and monitor traffic. The solution tells you if there's a spike in traffic. Cloudflare also sends you a link to check your equipment and deployment and track it through peering, so it's a valuable tool."
"There are key things that are used for our enterprise customers, such as Lambda and DNS."
"The solution provides good load balancing and protection against DDoS attacks."
"The UI is good."
"Checkmarx needs to be more scalable for large enterprise companies."
"The reports are good, but they still need to be improved considering what the UI offers."
"I would like to see the rate of false positives reduced."
"I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"Implementing a blackout time for any user or teams: Needs improvement."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"The timing aspect can lead to it being considered overpriced. This is a particular concern we have with Cloudflare, as they may struggle with accurately detecting the client."
"I would like Cloudflare to offer a dedicated account manager for large enterprise clients like us."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"Cloudflare's console should be made more user-friendly."
"It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration."
"I think the APIs are a little bit hard for us to work with. The APIs could be more open so that we could integrate better with our SolarWinds or our monitoring solution."
"We are a product integrator and reseller, and we would like to have a better partner relationship, similar to a channel sales relationship. Sometimes we are on our own or get diverted by Cloudflare because they have direct sales, which competes with us and makes it difficult to build a relationship with this company since we want to be an MSP or a managed service provider for the solution."
"The solution could work at being less expensive. It costs a lot to use it."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 57 reviews. Checkmarx One is rated 7.6, while Cloudflare is rated 8.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, AWS Shield and Microsoft Azure Application Gateway. See our Checkmarx One vs. Cloudflare report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.