We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out what your peers are saying about Noname Security, Salt Security, F5 and others in API Security."It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"Vulnerability details is valuable."
"The SAST component was absolutely 100% stable."
"Our static operation security has been able to identify more security issues since implementing this solution."
"The solution is scalable, but other solutions are better."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The policies are flexible based on the technologies you use."
"It has the best documentation features."
"The stability of the product is very impressive since it handles 60,000 to 70,000 requests or transactions per second."
"The most valuable feature is that I can establish different services from the firewall."
"NGINX App Protect has complete control over the HTTP session."
"NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
"The most valuable feature of NGINX App Protect is its open source."
"Implementing a blackout time for any user or teams: Needs improvement."
"We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process."
"I would like to see the DAST solution in the future."
"I would like to see the tool’s pricing improved."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"I encountered issues with NGINX App Protect while trying to upgrade custom rules."
"The dashboard could provide a more comprehensive view of the status of the connections."
"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."
"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."
"Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI."
"The integration of NGINX App Protect could improve."
"Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
Checkmarx One doesn't meet the minimum requirements to be ranked in API Security with 67 reviews while NGINX App Protect is ranked 3rd in API Security with 19 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Noname Security.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.