• Home
  • Checkmarx One vs. Citrix Web App and API Protection

Checkmarx One vs Citrix Web App and API Protection comparison

Cancel
You must select at least 2 products to compare!
Checkmarx Logo

Checkmarx One

Read 67 Checkmarx One reviews
35,279 views|23,132 comparisons
86% willing to recommend
Citrix Logo

Citrix Web App and API Protection

Read 10 Citrix Web App and API Protection reviews
1,500 views|914 comparisons
80% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Application Security Tools
April 2024
Executive Summary

We performed a comparison between Checkmarx One and Citrix Web App and API Protection based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.
To learn more, read our detailed Application Security Tools Report (Updated: April 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Anonymous User
Useful automation , detailed reports, but scalability could improve
We have always used some kind of code analysis tool and Checkmarx has been working for us at this time. We like the tool.
Mohammad Shahid
Is stable, protects data, and is affordable
Citrix Web App API Protection allows you to enable a blocking mode. The hackers who choose to upload any unwanted data on your application, Citrix... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Vulnerability details is valuable.""The solution has good performance, it is able to compute in 10 to 15 minutes.""It has all the features we need.""The only thing I like is that Checkmarx does not need to compile.""Both automatic and manual code review (CxQL) are valuable.""The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful.""From my point of view, it is the best product on the market.""The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."

More Checkmarx One Pros →

"I like the solution's simplicity compared to Citrix's on-prem solutions.""I prefer this solution because of its user-friendly interface. I find it simple and close to what I am currently using, which is Citrix Fortiva Access for Multi-Factor Authentication. I appreciate the familiar user interface and troubleshooting tools it offers.""When our primary link goes down I can still get to my Cisco devices and the NetScaler devices on-prem because of the SDN solution. If the internet connection at one of the branches goes down, we can still route them, they still get internet based on the SDN solution through one of the other sites. They can carry on working.""The solution's technical support is good.""We have good customer support.""The advantage of Citrix Web App and API Protection is just its graphic user interface for beginners. The solution is nothing special, but we have to use it for the corporation. Another advantage of Citrix Web App and API Protection is that we have our copy to test things and get the know-how of it.""The web application firewall which protects our services on the internet, and then of course services like our ability to provide high availability for the services we are offering are the most valuable features.""Citrix Web App API Protection allows you to enable a blocking mode"

More Citrix Web App and API Protection Pros →

Cons
"Checkmarx could improve the REST APIs by including automation.""Integration into the SDLC (i.e. support for last version of SonarQube) could be added.""The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools.""They could work to improve the user interface. Right now, it really is lacking.""The reports are good, but they still need to be improved considering what the UI offers.""Updating and debugging of queries is not very convenient.""This product requires you to create your own rulesets. You have to do a lot of customization.""Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"

More Checkmarx One Cons →

"The reporting is not so good. They don't have an application to connect the logs.""The user interface could be more friendly. Some wizards and other documentation for administrators, as well as some use cases, helps us to understand the solution.""Citrix Web App and API Protection could improve in the area of licensing""I am not an expert in this solution, but simplicity and user-friendly interfaces are crucial for me. I would appreciate advice from Citrix, particularly in the form of an interactive guide for API protection. It would be helpful if they could provide specific points and recommendations for cybersecurity, indicating areas that need attention or improvement. I find such interactive guidance valuable.""Their upgrades are not very backward compatible, and sometimes they mess up.""The solution's pricing is a big concern and should be improved.""The product could be improved by making it easier to use and easier to implement.""The configuration for its web application firewall is complicated."

More Citrix Web App and API Protection Cons →

Pricing and Cost Advice
  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."

    • More Checkmarx One Pricing and Cost Advice →

  • "We have all the features and functions of Citrix because we have a premium license."
  • "For partners, NetScaler is not as expensive price-wise versus F5."
  • "Citrix Web App and API Protection are in the middle when we talk about pricing and licensing"
  • "The pricing for Citrix Web App and API Protection is unreasonable. I don't know the exact price, but I heard it's tens of thousands and it's a bit too much for the small country I live in."
  • "The solution is expensive compared to one of its competitors."
  • "On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight or nine out of ten."
  • "I rate the pricing an eight out of ten since it is expensive."
  • "In Turkey, everything is good, but it seems expensive for us due to the currency exchange. I don't have a specific rating scale, but if I had to rate the price, I would say it's around a six out of ten."

    • More Citrix Web App and API Protection Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Read all 4 answers   →
    What do you like most about Checkmarx?
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Checkmarx?
    Top Answer:The solution's price is high and you pay based on the number of users.
    Read all 25 answers   →
    What do you like most about Citrix Web App and API Protection?
    Top Answer:I prefer this solution because of its user-friendly interface. I find it simple and close to what I am currently using, which is Citrix Fortiva Access for Multi-Factor Authentication. I appreciate the… more »
    Read all 9 answers   →
    What is your experience regarding pricing and costs for Citrix Web App an...
    Top Answer:In Turkey, everything is good, but it seems expensive for us due to the currency exchange. I don't have a specific rating scale, but if I had to rate the price, I would say it's around a six out of… more »
    Read all 8 answers   →
    What needs improvement with Citrix Web App and API Protection?
    Top Answer:I am not an expert in this solution, but simplicity and user-friendly interfaces are crucial for me. I would appreciate advice from Citrix, particularly in the form of an interactive guide for API… more »
    Read all 9 answers   →
    Ranking
    3rd
    out of 74 in Application Security Tools
    Views
    35,279
    Comparisons
    23,132
    Reviews
    21
    Average Words per Review
    513
    Rating
    7.7
    20th
    out of 79 in Web Application Firewall (WAF)
    Views
    1,500
    Comparisons
    914
    Reviews
    6
    Average Words per Review
    430
    Rating
    7.3
    Comparisons
    Also Known As
    Citrix NetScaler AppFirewall , Citrix Web App Firewall
    Learn More
    Checkmarx
    Citrix
    Overview

    Checkmarx is a highly accurate and flexible static code analysis product that allows organizations to automatically scan uncompiled code and identify hundreds of security vulnerabilities in all major coding languages and software frameworks. Checkmarx is available as a standalone product and can be effectively integrated into the software development lifecycle (SDLC) to streamline vulnerability detection and remediation. Checkmarx is trusted by leading organizations such as SAP, Samsung, and Salesforce.com.

    Checkmarx is a global leader in software security solutions for modern software development. Checkmarx delivers a comprehensive software security platform that unites with DevOps by scanning uncompiled source code for security vulnerabilities early in the development life cycle to reduce and remediate risk from software vulnerabilities. Using Checkmarx, teams avoid software security vulnerabilities managed via a single and unified dashboard without slowing down their delivery schedule.

    Checkmarx balances the needs of the entire organization, delivering seamless security from the start and throughout the entire software development life cycle. Checkmarx can be deployed on-premises in a private data center or hosted via a public cloud.

    Checkmarx Features

    Some of Checkmarx’s features include:

    • Source code scanning: Detect and repair more vulnerabilities before you release your code.

    • Open-source scanning: Find and eliminate the risks in your open-source code.

    • Interactive code scanning: Scan for vulnerabilities and runtime threats.

    • Open-source security for infrastructure as code: Identify and fix insecure IaC configurations that put your application at risk.

    Reviews from Real Users

    Checkmarx stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to secure their code with a single management dashboard and its high-speed scanning abilities.

    PeerSpot users note the effectiveness of these features. A CEO at a tech services company writes, “The most valuable features are the easy-to-understand interface, and it’s very user-friendly. We spend some time tuning to start scanning a new project, which is only a few clicks. A few simple tunes for custom rules and we can start our scan. We can do the work quickly and we don't need to compile the source code because Checkmarx does the work without compiling the project. The scanning is very quick. It's about 20,000 lines per hour, which is a good speed for scanning.”

    A director at a tech services company notes, “The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important.”

    A senior manager at a manufacturing company writes, “The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."

    Citrix Web App Firewall is a web application firewall (WAF) that protects web applications and sites from both known and unknown attacks, including application-layer and zero-day threats. Despite an ever-evolving threat landscape, Citrix Web App Firewall delivers comprehensive protection without degrading throughput or application response times. Available as a cloud solution or integrated within the Citrix ADC platform, simplified configuration controls further mitigate risk. Our pooled licensing options allow you to grow incrementally and scale on demand.

    Sample Customers
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    NSS Labs, ICSA Labs
    Top Industries
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Insurance Company5%
    VISITORS READING REVIEWS
    Educational Organization57%
    Computer Software Company9%
    Financial Services Firm8%
    Government4%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise72%
    REVIEWERS
    Small Business36%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business9%
    Midsize Enterprise62%
    Large Enterprise29%
    Buyer's Guide
    Application Security Tools
    April 2024
    Download Free Report
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: April 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Citrix Web App and API Protection is ranked 20th in Web Application Firewall (WAF) with 10 reviews. Checkmarx One is rated 7.6, while Citrix Web App and API Protection is rated 8.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Citrix Web App and API Protection writes "Has a good graphic user interface for beginners, but lacks real-time notifications, alerts, and artificial intelligence". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Citrix Web App and API Protection is most compared with F5 Advanced WAF, Azure Front Door, Fortinet FortiWeb, AWS WAF and Akamai App and API Protector.

    We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.