We performed a comparison between Checkmarx One and Radware Bot Manager based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Apart from software scanning, software composition scanning is valuable."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The most valuable features of Checkmarx are the automation and information that it provides in the reports."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"Our static operation security has been able to identify more security issues since implementing this solution."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The most valuable feature is the bot management itself and the way it has stopped bots from scraping our site, with its AI mechanism. Its ability to detect and mitigate bots is really good."
"Bot Manager's behavioral modeling and intelligence help us distinguish between harmless and malicious bots."
"Bot Manager is an excellent tool for analyzing traffic to detect suspicious patterns. It uses artificial intelligence to identify malicious behavior."
"I like how Bot Manager automatically detects when a suspicious user attempts to download content from your website."
"It's very good at categorizing the different types of bots, whether they're malicious or good. Bot is a very generic term. It could be good, it could be bad. Quite a lot of legitimate businesses are using bot-type services to just scrape the internet for information."
"The solution provides a rating of the sophistication of the bot attack."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"I would like to see the rate of false positives reduced."
"The cost per user is high and should be reduced."
"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"The solution's user interface could be improved because it seems outdated."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"Checkmarx is not good because it has too many false positive issues."
"It would be good to have more integrations. It's very hard to get data in and out of their portal. It doesn't have any integrations with any of our tools, such as our SIEM tool. It only depends on emails. Having that tied into the warehouse, SIEM, and maybe our on-call tools would be very helpful because it would just give us a holistic picture of everything."
"It would be beneficial to have a link from the WAF to the Bot Manager portal available so we do not have to log in again."
"We're missing links to their modules for installation and configuration. They have most of them available already, but there were situations for mobile applications that, when they released a new version, were not stable. We had to ask them to send a link by email, and that could be made accessible in the portal."
"I would like more ability to configure custom rules. Currently, I need to open a ticket with support to request a specific rule that isn't available in the console. In some cases, I don't have visibility into the logs or they are too complicated to analyze."
"Bot Manager is doing its job, but I think the behavioral modeling could be improved by adding fingerprinting and automation. Remediation should be automated so that it doesn't require any intervention by the user."
"Radware Bot Manager is a little costly but not too expensive. It's in the middle."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Radware Bot Manager is ranked 3rd in Bot Management with 8 reviews. Checkmarx One is rated 7.6, while Radware Bot Manager is rated 9.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Radware Bot Manager writes "Categorizes different types of bots very well and is very effective at detecting and mitigating bots in real time". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Radware Bot Manager is most compared with Fastly, F5 Shape Security, Cloudflare, AWS WAF and Akamai Bot Manager. See our Checkmarx One vs. Radware Bot Manager report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.