We performed a comparison between Checkmarx One and Fortinet FortiDDoS based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"The value you can get out of the speedy production may be worth the price tag."
"From my point of view, it is the best product on the market."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The main advantage of this solution is its centralized reporting functionality, which lets us track issues, then see and report on the priorities via a web portal."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"We have researched them all, and it's a good solution all around."
"The solution already has security profiles and it can protect from DDoS attacks and other kinds of attacks."
"It is a user-friendly product in terms of monitoring and updating policies."
"The product's initial setup phase was really easy."
"The product allows the users to adjust the thresholds."
"Among its key features: Detects and mitigates DDoS attacks at L3 to L7; negligible to zero false-positives; Generates and sends reports without the need for an expensive third-party solution."
"This solution can protect Layer 3, Layer 4 and Layer 7 attacks of applications for us."
"It allows me to see all the traffic on my network."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"Implementing a blackout time for any user or teams: Needs improvement."
"The pricing can get a bit expensive, depending on the company's size."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"They could work to improve the user interface. Right now, it really is lacking."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"The reports are good, but they still need to be improved considering what the UI offers."
"If it is a very large code base then we have a problem where we cannot scan it."
"The tool needs to focus more on the area of application traffic management, where it currently has some shortcomings."
"The web interface could be much better."
"The primary area for improvement is the on-premises capacity limit, currently fixed at 10 GB."
"I find that there have been issues in the past year with the solution hanging. It freezes often."
"The only thing they need to do is to automate it. Today, you must create tools that do not require the use of an expert or anyone with special skills."
"I would like to see analytics, big data."
"Alerts and reporting features must be improved."
"There aren't really any aspects of the solution we are unhappy with. It's been a positive experience overall."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Fortinet FortiDDoS is ranked 16th in Distributed Denial of Service (DDOS) Protection with 12 reviews. Checkmarx One is rated 7.6, while Fortinet FortiDDoS is rated 8.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Fortinet FortiDDoS writes "Offers good technical support but has poor scalability". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Fortinet FortiDDoS is most compared with Arbor DDoS, VMware NSX, Radware DefensePro, Fortinet FortiWeb and Edgio Global CDN.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
