We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out what your peers are saying about Noname Security, Salt Security, Checkmarx and others in API Security."The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"The setup is fairly easy. We didn't struggle with the process at all."
"The most valuable feature is the application tracking reporting."
"The most valuable feature for me is the Jenkins Plugin."
"Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before."
"From my point of view, it is the best product on the market."
"We use the solution to validate the source code and do SAST and security analysis."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks."
"It is a very good tool for load balancing."
"The initial setup was simple and took three to four days."
"NGINX App Protect has complete control over the HTTP session."
"The most valuable feature of NGINX App Protect is its open source."
"It's very easy to deploy."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes."
"The integration could improve by including, for example, DevSecOps."
"Checkmarx could be improved with more integration with third-party software."
"With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too."
"Updating and debugging of queries is not very convenient."
"We have received some feedback from our customers who are receiving a large number of false positives."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"Checkmarx needs to be more scalable for large enterprise companies."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."
"The integration of NGINX App Protect could improve."
"NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution."
"NGINX App Protect could improve security."
"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."
"As far as scalability, it takes a long time for deployment."
"The dashboard could provide a more comprehensive view of the status of the connections."
Checkmarx One is ranked 3rd in API Security with 67 reviews while NGINX App Protect is ranked 4th in API Security with 19 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Cloudflare Web Application Firewall.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.