We performed a comparison between Checkmarx One and Fortinet FortiADC based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"The report function is the solution's greatest asset."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The user interface is modern and nice to use."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The main benefit to using this solution is that we find vulnerabilities in our software before the development cycle is complete."
"It shows in-depth code of where actual vulnerabilities are."
"Simple to use and easy to integrate."
"I like the solution's load balance with DNS intelligence."
"Fortinet FortiADC is a good product because each and every piece of content is monitored by it."
"The most valuable feature is the SSL offloading capacity."
"Although FortiADC has multiple features that I like, the global DNS is the most helpful. It is primarily useful for customers with huge environments and at least two data centers. FortiADC can act as your DNS server. It can check which data center has the lowest latency, and route traffic to that one. It's an intelligent DNS."
"Because ADC is the intermediary between the servers and the end-user application, it gives thorough information about the traffic, what the problem is."
"The main feature that we use is GSLB (Global Server Load Balancing). GSLB makes the customer's network more reliable by scaling applications across multiple datacenters. GSLB as a disaster recovery solution can direct traffic based on site availability."
"The GSLB, the DR side, is the best part. Because we had our main side in one city, we created another, and we had a complete MPLS over the internet. We used the GSLB and data loss for our business applications."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"We can run only one project at a time."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"FortiADC is complex to configure so the interface should be improved."
"Issues with SSL and encrypted traffic."
"Technical support and documentation could both be improved."
"The product's stability for VMs could be better."
"The L7 Persistent load-balancing algorithm has not worked for me after having tested it many times with my customer's in-house application. I'd like to suggest that the company make sure that all load-balancing algorithms work properly with most applications, even those that are in-house apps."
"Because it is so generic, the documentation requires special attention. A person who has not worked on Fortinet FortiADC or a similar product will struggle to understand what the document is trying to say. The documentation could be more specific, and more detailed."
"The initial setup could be simplified."
"The user interface could be more friendly and CLI could be more like that of Fortigate."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Fortinet FortiADC is ranked 8th in Application Delivery Controllers (ADC) with 19 reviews. Checkmarx One is rated 7.6, while Fortinet FortiADC is rated 7.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortinet FortiADC writes "High-level load balancing and routing protocols but scalability is limited to 200 gigabits". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortinet FortiADC is most compared with F5 BIG-IP Local Traffic Manager (LTM), Fortinet FortiWeb, Citrix NetScaler, Kemp LoadMaster and A10 Networks Thunder ADC.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.