Web application security report from it central station 2018 01 27 thumbnail
Find out what your peers are saying about Incapsula, Checkmarx, F5 and others in Web Application Security.
253,818 professionals have used our research since 2012.
Web application security report from it central station 2018 01 27 thumbnail
Find out what your peers are saying about Incapsula, Checkmarx, F5 and others in Web Application Security.
253,818 professionals have used our research since 2012.
Chart Key
Average Rating
Average rating based on reviews
Views
Number of total page views
Comparisons
Number of times compared to another product
Reviews
Total number of reviews on IT Central Station
Followers
Number of followers on IT Central Station
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score. For Views, Comparisons, Reviews, and Followers the score is calculated as follows: The product with the highest count in each area gets the highest available score of 17.5 points. Every other product gets assigned points based on its total in proportion to the #1 product in that area. For example, if a product has 80% of the number of reviews compared to the product with the most reviews then the product's score for reviews would be 17.5% (weighting factor) * 80% = 14. For Average Rating, the maximum score is 30 points awarded linearly based on our rating scale of 1-10. If a product has fewer than ten reviews, the point contribution for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews; two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old, as well as those written by resellers, are completely excluded from the ranking algorithm.
Most Views
From IT Central Station visitors
Most Reviews
Within the last 24 months
Most Followed
By IT Central Station users
Most Compared
From IT Central Station visitors

Web Application Security Reviews

Read reviews of Web Application Security that are trending in the IT Central Station community:
Your trust is our top concern, so companies can't alter or remove reviews.
Networke223881 li?1429130654
Real User
Network Analyst at a financial services firm with 1,001-5,000 employees

What is most valuable?

The most valuable feature is the F5 LTM most organisations will be using most. It provides the core functionality to be able to load balance services and the means and the intelligence to be able to load balance based on advanced logic, e.g.,... more»

How has it helped my organization?

It has enabled us to keep a sustainable and supported load balancing platform. This is partly due to Cisco withdrawing a large number of their load balancing products and also related to Microsoft Network Load Balancing not scaling enough to... more»

What needs improvement?

I would like F5 to incorporate the ability to create your own custom roles and customised permissions within the product set. I have seen many customers wanting to give a certain level of access for the purposes of out-of-hours servicing to... more»
4c gray text
Cloudflare
Dfd39ddf 9827 4e9c 8b51 6f3816d97c09 avatar
Consultant
WordPress Developer & Consultant at a tech services company

What is most valuable?

CloudFlare offers some of the most amazing features when it comes to optimizing websites & for its security for free, and all at the domain level. They were able to truly disrupt the market because prior to them, only enterprises had... more»

How has it helped my organization?

As mentioned, it helps me manage DNS records for more than 100 domains with ease. It helps in web page optimization & helps keep the website secure. If it was not for CloudFlare, I would have to hire a dedicated resource to manage all... more»

What needs improvement?

CloudFlare is an innovative company and certainly the thought leaders in their industry. They're constantly improving their product, releasing new features, partnering with various service providers to offer add-ons. Personally, I think... more»
Web application security report from it central station 2018 01 27 thumbnail
Find out what your peers are saying about Incapsula, Checkmarx, F5 and others in Web Application Security.
253,818 professionals have used our research since 2012.
Anonymous avatar x80
Real User
Product Specialist - Security Solutions at a tech services company with 501-1,000 employees

What is most valuable?

iRule: It's a great feature that helped us multiple times have an advantage over competition Appliance Performance: One of the main advantages we always have over competition is in hardware performance, where the smallest F5 appliances compete with competitors’ medium to high-end appliances, while high-end devices can sit in the datacenter without risking... more»

What needs improvement?

* Reporting: One of the negative things about F5 is there is no place to generate a summary/executive/detailed report about everything happening on the box, especially for WAF & APM events. The only way to get some kind of report is enable the AVR module, and manually export the data required into PDF/XLS documents. * GUI interface: F5 appliances lack a... more»
Anonymous avatar x80
Consultant
Sr. Consultant at a tech services company with 51-200 employees
Feb 23 2017

What is most valuable?

The most valuable feature is the grouping of multiple targets via the scan policy. It is valuable because of the large number of targets and governmental requirements to conduct periodic scans.

How has it helped my organization?

With acquisition of a license to use the product, we received the ability to standardize database scanning and data protection across the enterprise around one product.

What needs improvement?

Many features are buried under not-straight-forward options and, at times, hard to find screens. Very few import features have clearly defined format requirements. Agent installation for data usage/blocking activities on target boxes requires... more»
Anonymous avatar x80
Real User
Solution Architect/Application Administrator at a energy/utilities company with 1,001-5,000 employees
Feb 27 2017

What is most valuable?

We like the capability to combine the content switching with the intrusion prevention and adding the security roles, so we can expose certain sub-pieces outside without exposing everything. Another feature that we like is how they integrate nicely with the Oracle PeopleSoft application, and since that's one of my main focuses, I really like that they have the... more»

What needs improvement?

I have been really happy with what they have been doing. They could improve the synchronization between their main site and the failover site. Sometimes, we run into issues where it does not sync well, so I would like to see that improved. The synchronization does works fairly well. However, if I were to make changes, I would make it easier to start the sync... more»
217e1bb1 bd73 4e12 adbd 1a80d2bd6443 avatar?1441012869
Real User
Senior Web Manager at a university with 501-1,000 employees

What is most valuable?

Incapsula: * Strength of DDoS and WAF * Simple dashboard * Analytics * SSL CloudFlare: * Ease of use * Simple dashboard * DNS management * CDN * SSL

How has it helped my organization?

Incapsula: It has provided heightened visibility and awareness at management level on the actual threat landscape; it paves the way for easier approval for security-related implementations/projects. CloudFlare: It provides free SSL certs that... more»

What needs improvement?

Incapsula: * Allow easier scripting of firewall rules. * Enable more custom actions to trigger turning on/off Incapsula settings (current actions are quite limited). * Allow setting up of user groups to manage different groups of sites with... more»
4c gray text
Cloudflare
B53bf237 2365 4758 9676 e9aef4a11b9d avatar
Real User
Ui Developer at a marketing services firm with 51-200 employees

What is most valuable?

These are some of the valuable features: * Free 15 year SSL certificates (I used to need to pay for these). * Spam protection to help prevent spam and unnecessary bot traffic. * Edge caching on a CDN. This is nice for WordPress sites. I can... more»

How has it helped my organization?

Once a domain's name servers have been pointed to CloudFlare, you never have to worry about DNS propagation. This would be the case, for example, if you wanted to point a domain to a different EC2/digital ocean instance.

What needs improvement?

In that sense, it's marketing that could use some improvement. It is hard to call your own product a "necessity", but I truly believe that it, or something like it, is a necessity. Without it, you are risking higher costs, more spam, more... more»
Wallarm logo
Wallarm
B491d089 c57e 47e3 be30 40d9e3cf41e7 avatar
Real User
VP, Engineering and Operations at a tech vendor with 501-1,000 employees
May 17 2017

What is most valuable?

I would say that the active threat detection feature and adaptive rules are the most valuable for us. With active threat detection, we are no longer over-swamped with tons of useless events. As all the payloads from malicious requests are... more»

How has it helped my organization?

We added a real-time protection layer for all the web-facing applications and APIs in our CI/CD pipelines. As every one of the applications are updated almost every day, it was impossible to use any tools based on signatures or static rules.

What needs improvement?

It needs more customization in PDF reports.
Checkmarx logo
Checkmarx
Anonymous avatar x80
Real User
Product Marketing Engineering at a manufacturing company with 1,001-5,000 employees
Feb 26 2017

What is most valuable?

* The export feature and presentation of the results. * The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions). * A wide variety of modern programming languages are supported,... more»

How has it helped my organization?

For manual code testing, Checkmarx has been very helpful discarding false positives, filtering and removing a lot of files that are not presenting any threat, as well as indicating the files or functions that should be focused upon. Checkmarx... more»

What needs improvement?

The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode. Compiled code means that the code written is stored in binaries, for machine reading only. Tools like Veracode... more»
Wallarm logo
Wallarm
D23e612e 9aac 4211 b044 5e82ccb55326 avatar
Real User
Security Researcher at a tech vendor
Jan 03 2018

What is most valuable?

The most powerful feature is the ability to first learn what type of query to make to your web application when it is attacked and what type of query creates a false positive to your app. You can first learn Wallarm in monitoring mode, then... more»

How has it helped my organization?

Improves nothing. Helps us to monitor situations in regards to attacks to our sites and prevents a lot of them.

What needs improvement?

The biggest problem for us was the stability and speed using the first version of Wallarm. Now, it is fine.
4c gray text
Cloudflare
091f33d8 f557 400a 9ab2 a116508bd0bc avatar?1444263362
Real User
COO at a tech services company with 11-50 employees
May 22 2017

What is most valuable?

The API gives us the ability to remote control our DNS settings. With many platforms, such as PF-Sense integrating with CloudFlare, it’s an invaluable tool for things such as Dynamic DNS, Let’s Encrypt DNS-01 Challenge, or even as a rapid... more»

How has it helped my organization?

CloudFlare made it easier for us to manage our client’s DNS. With their outstanding UI, we have been able to reduce human errors and get a better overview of our DNS and security.

What needs improvement?

* We need templates and profiles badly for the whole setup and multi-user support with rights management. * They need to fix their extensions and integrations faster. * They need to add more sub-level API keys.
Anonymous avatar x80
Real User
Network and Security Engineer at a Consumer Goods with 1,001-5,000 employees
Feb 23 2017

What is most valuable?

* Very easy to configure, which quickly allows us to add significant security to our websites. * Nice dashboard, which shows us details about traffic, security, performance, real-time utilization and an activity log. * Easy to configure... more»

How has it helped my organization?

With our IT infrastructure more secure, our customers receive a great website experience without encountering website defacements and other fallout from attacks on our web servers. Our IT department is not spending the time we used to on... more»

What needs improvement?

An Incapsula website configuration instance can be in a "Pending DNS changes" state, where further work is needing to be done by the customer, while website access is otherwise fully functional. While in this state, the PCI Compliance Report... more»
Anonymous avatar x80
Real User
Engineer at a financial services firm with 1,001-5,000 employees

What is most valuable?

* FortiAnalyzer (SIEM) integration is useful for us because we collect in this device almost all the security events from the network. We are using exact URL (no default page, no home page) for our e-banking services for enterprises. Then we... more»

How has it helped my organization?

It helped us initially publish e-banking services, but after a few months, we discovered it was an easy way to deploy other internal websites, published in an intranet style.

What needs improvement?

I think Fortinet must make an effort in terms of upgrade procedures. There were some troubles upgrading from 5.2.x to 5.3.x, and the problem appeared again upgrading from 5.3.x to 5.5.x: * Upgrading from 5.2.x to 5.3.x. Fortinet provides a... more»
F0ddaccb 96f8 492e 9c9f eec870227199 avatar?1439800485
Real User
Senior Analyst at a financial services firm with 1,001-5,000 employees

What is most valuable?

In my opinion, the following features of FortiWeb 4000E are the most valuable & were appreciated during all my previous engagements: * 20 Gbps appliance throughput makes it useful for large enterprise deployment and also meets future... more»

How has it helped my organization?

* Operations overhead (administration and escalation management) has been brought down, as Fortinet provides flexible and customizable reporting options with the FortiAnalyzer appliance for logging and reporting. * Rule creation and fine... more»

What needs improvement?

Product support is a major concern; if FortiWeb wants to become a market leader, then it must provide better after-sales services. The automatic policy learning feature also needs some improvement, as using this feature leads to more false... more»
Anonymous avatar x80
Real User
Director at a tech services company with 51-200 employees

What is most valuable?

We use them for VPN, standard layer 4, web filtering, anti-malware and DLP – they are used as our perimeter firewall solution.

How has it helped my organization?

I would not say it has improved how we function because I think that other leading vendors firewalls are as good. However, I do think that FortiGate can do it at a much better price point than, for example, Cisco ASA or Palo Alto.

What needs improvement?

The CLI could be improved by removing all default syntax from the config. The debugging of crypto VPN is not as informative as other vendors’ firewalls. The GUI is also not as good as some vendors, but overall as a package and considering... more»
Checkmarx logo
Checkmarx
E46147d6 a86a 41dc 9a08 5f2e0cd47979 avatar
Real User
Senior Manager at a tech vendor
Feb 23 2017

What is most valuable?

Scan reviews can occur during the development lifecycle.

How has it helped my organization?

It moved our organization towards being agile vs. waterfall.

What needs improvement?

The areas in which this product needs to improve are: * C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported. * There were issues in regards to the JSP parsing. * Defect report... more»
Sucuri security
Sucuri Security
Anonymous avatar x80
Consultant
Associate Consultant
Jun 11 2017

What is most valuable?

Domain name scanning since it allows us to scan all our domain names and determine whether it has malware or if is reported as phishing. Sucuri also gives us details on content that may have triggered the malware/phishing report.

How has it helped my organization?

The product has sped up our ability to detect suspicious domains and alert the registrants or relevant parties. It has also allowed us to share more details on such detections to the relevant parties since the report is comprehensive enough.

What needs improvement?

* Confident score: Currently it does not have one and there are cases that most websites flagged are false-positives. Since they don’t have it, then we end up manually reassessing the website. It would be good if they had it so we could tweak... more»
4c gray text
Cloudflare
91528adf e634 41ee 967c 3aad224b95f3 avatar
Real User
Technical Lead at a tech services company with 51-200 employees

What is most valuable?

I have used the cache feature of CloudFlare CDN. CloudFlare is very easy to set up for my site domain. It is very easy to maintain. CloudFlare flushes the cache immediately, which is not supported by some of the other CDN networks such as... more»

How has it helped my organization?

No comments, because I am using it only for creating a cache flushing tool that will work on Adobe Experience Manger (AEM).

What needs improvement?

There are some features missing or might not be visible to me as I am using its free website plan. These features are: * CloudFlare doesn't provide the cache flush history. I.e., I am not able to find out the URL information of those I have... more»
Wallarm logo
Wallarm
865ad81b 5a36 4a5c ba99 68bb8d79920c avatar
Real User
Head of Application Security at a software R&D company with 1,001-5,000 employees
May 24 2017

What is most valuable?

Deployment simplicity helps our maintenance guys to set up quickly. Their machine learning techniques significantly lower the false-positive alerts rate.

How has it helped my organization?

The use of a WAF becomes especially relevant in the case of concrete vulnerabilities, such as those uncovered via penetration tests or source code reviews. Even if it were possible to fix the vulnerability in the application promptly and with... more»

What needs improvement?

It is only about stability issues. But it is a usual problem for all new products. At this moment, we have no incidents with Wallarm that has been up for eight months.
Checkmarx logo
Checkmarx
Anonymous avatar x80
Vendor
Software Engineer at a tech services company with 1,001-5,000 employees
Jan 22 2018

What is most valuable?

The most valuable feature for me is the Jenkins Plugin. We usually take a copy of the normal build job for Checkmarx so that: * we have all of the source code we need for the build, normal and generated source code; * we need only one... more»

How has it helped my organization?

It is very easy to insert the tool in the SDLC because there are a wide variety of ways to access the source-code, initiate scans, and review the results. The projects need not care about getting a tool, accessing the tool, and it is cheaper... more»

What needs improvement?

I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time). Updating and debugging of queries is not very convenient.
Web application security report from it central station 2018 01 27 thumbnail
Find out what your peers are saying about Incapsula, Checkmarx, F5 and others in Web Application Security.
253,818 professionals have used our research since 2012.

Web Application Security Articles

C2fa4556 fe24 4433 9f6d 43684e0421e5 avatar
Market Analyst
IT Central Station
HPE Fortify on Demand, Checkmarx, Veracode, IBM Security AppScan, QualysGuard Web Application Scanning What are the best application security testing tools? IT Central Station’s crowdsourced platform helps technology professionals make informed decisions, by providing user reviews without... more»
A2677e73 3c95 4db0 9a5b 56d28884f396 avatar
218
Senior Information Security Consultant
Expertise in developing Web Based Application, Database Applications and Desktop Applications Working experience in distributed environment and distributed applications Expertise in ISA Configuration, Network Security include:· Penetration Testing· Stress... more>>
Reviewed Symantec Advanced Threat Protection: Real-time threat analysis is quick, takes action...
Arshad khan li?1424931700
57
Security Consultant
Security Consultant (Team lead) in Accenture Leveraged service delivery (Wipro) Worked for Bank client .(HP) Worked on Government Tax dept.(Tulip telecom) • Firewall (Check point, Cisco, Palo Alto, Fortinet, Juniper) • IPS/IDS (Cisco, Checkpoint, IBM, McAfee) • Proxy (Bluecoat,... more>>
Ioannis syrigos avatar 1434074141?1434074139
2,193

3
IT Consultant, Business Owner, Lecturer
Dr Ioannis Syrigos is a Computer and Electrical Engineer, an Entrepreneur, co-owner and Managing Director of Stella Novus LTD, an IT consulting company running several individual online projects (Ancient-Origins.net, Members.Ancient-Origins.net, Evolving-Science.com, EnglishWithJo.com and... more>>
Omar sanchez mr tech avatar 1434666108?1434666106
5,882
TOP 5POPULAR
Information Security Advisor, CISO & CIO, Docutek Services
About my business: Docutek is a leading business and technology consulting company specializing in the development and implementation of healthcare technology since 2008. We deliver Consulting, Integration, Support and Training. We also provide clients with security assessment. network... more>>
Reviewed Micro Focus AppPulse Suite: Frequent, detailed logs help developers determine...
Dfd39ddf 9827 4e9c 8b51 6f3816d97c09 avatar
404
WordPress Developer & Consultant
Think of a person who understands the role of technology in the business, power of publishing in marketing & branding, knows how to build a website, market it and also scale it! Well, that's me. Hi, I'm Mayank Gupta and I'm your one stop for all the web/digital business requirements. In... more>>
Anonymous avatar x100
92
o SIEM (QRadar, AlienVault, LogStorm) o Enterprise virtualization (ESXi 5.5/6.0) o Imperva SecureSphere o MS SQL Server o MySQL o Oracle o Sybase o FileMaker; • Workshops on various technologies of SQL Server, including: o Asynchronous multi-threaded request processing o Scaling out reporting... more>>
Reviewed Imperva SecureSphere Web Application Firewall: Scan policies allow us to group multiple targets and...
Anonymous avatar x100
190
Linux/Cisco/Microsoft Infraestructure Manager
Working towards CCIP certification CCNP certified Interested in WMI/SNMP monitoring, Cisco technologies, open source software in Linux platforms Online gaming software

Sign Up with Email