We performed a comparison between Checkmarx One and Imperva Web Application Firewall based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Apart from software scanning, software composition scanning is valuable."
"Both automatic and manual code review (CxQL) are valuable."
"The administration in Checkmarx is very good."
"The most valuable feature is the application tracking reporting."
"The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"The UI is very intuitive and simple to use."
"The most valuable feature is the simple user interface."
"Scan reviews can occur during the development lifecycle."
"Imperva monitors all traffic, even customer access, to the web application. Then, Imperva uses features like signatures to identify attacks like cross-site scripting or SQL injection."
"There is a quick switch between any of the the nodes if something goes wrong, where there's a there's an attack against a specific area. The security setup is reasonably easy. It's not a problem to do setups and rules and integrations. And, yeah, just the the back end team is also very willing to insist if there's questions that that we cannot answer or with these questions that we do have"
"It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF."
"The solution integrates seamlessly with other tools and has a good alert mechanism."
"The configurability of the tools and the ease of operation to be the most valuable feature of Imperva."
"The compliance is the most valuable aspect."
"I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel."
"Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it. The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"The pricing can get a bit expensive, depending on the company's size."
"Updating and debugging of queries is not very convenient."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"The solution works for particular zones but isn't always the best solution for all zones."
"It is complicated to integrate the solution's on-cloud version with other platforms."
"Imperva Web Application Firewall could improve the API integration. It was complex for us. Additionally, The onboarding could be better."
"I would like to improve the tool's turnaround time in terms of support."
"Sometimes, support tickets don't get addressed quickly."
"The signature updates could be faster. Sometimes we have to upload signatures to the Imperva portal for checking and analysis before we can use them."
"Sometimes our web application firewall will slow down."
"I think that better bot protection is needed in this solution."
More Imperva Web Application Firewall Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 47 reviews. Checkmarx One is rated 7.6, while Imperva Web Application Firewall is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Imperva Web Application Firewall is most compared with AWS WAF, F5 Advanced WAF, Microsoft Azure Application Gateway, Fortinet FortiWeb and Azure Front Door. See our Checkmarx One vs. Imperva Web Application Firewall report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.