We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out what your peers are saying about Noname Security, Salt Security, Checkmarx and others in API Security."One of the most valuable features is it is flexible."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"Apart from software scanning, software composition scanning is valuable."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"Less false positive errors as compared to any other solution."
"It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes."
"NGINX App Protect has complete control over the HTTP session."
"It's very easy to deploy."
"The most valuable feature is that I can establish different services from the firewall."
"It is a stable solution."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
"The most valuable feature is that there is a link in the system that will help to analyze the security of an application when something abnormal is found."
"The policies are flexible based on the technologies you use."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"Its user interface could be improved and made more friendly."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"Checkmarx could be improved with more integration with third-party software."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"Checkmarx could improve the REST APIs by including automation."
"Its technical support could be better."
"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."
"The dashboard could provide a more comprehensive view of the status of the connections."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
"NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution."
"It's challenging if you need to go for a high throughput."
"Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI."
"As far as scalability, it takes a long time for deployment."
Checkmarx One is ranked 3rd in API Security with 67 reviews while NGINX App Protect is ranked 4th in API Security with 19 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Cloudflare Web Application Firewall.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
