We performed a comparison between Checkmarx One and Imperva DDoS based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has all the features we need."
"Our static operation security has been able to identify more security issues since implementing this solution."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"Most valuable features include: ease of use, dashboard. interface and the ability to report."
"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"The report function is the solution's greatest asset."
"The UI is very intuitive and simple to use."
"The best thing about Checkmarx is the amount of vulnerabilities that it can find compared to other free tools."
"Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."
"Provides Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this."
"On the activity log, I can see the exact details, the visit, and the threat."
"Imperva Incapsula has many valuable features. One, it protects the top 10 OWAS vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code."
"The solution has a very good interface."
"Setup was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured."
"Imperva DDoS is fairly stable, and its availability is quite high."
"The setup of Imperva DDoS was easy."
"Meta data is always needed."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"I would like to see the DAST solution in the future."
"Checkmarx could improve by reducing the price."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"The solution sometimes reports a false auditable code or false positive."
"Checkmarx could improve the REST APIs by including automation."
"I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall."
"The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process."
"It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution."
"The product could use a broader scope in the area of policies."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
"I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work."
"A limited tool if you're looking to customize."
"Analytics in the area of risk need to be improved to supply more information to the users for creating better environments."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Imperva DDoS is ranked 6th in Distributed Denial of Service (DDOS) Protection with 74 reviews. Checkmarx One is rated 7.6, while Imperva DDoS is rated 8.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Imperva DDoS writes "I like the content monitoring feature which I haven't seen in other WAF solutions". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Imperva DDoS is most compared with Cloudflare, Akamai, Arbor DDoS, Radware DefensePro and AWS WAF. See our Checkmarx One vs. Imperva DDoS report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.