We performed a comparison between Check Point CloudGuard WAF and Checkmarx One based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspection."
"The most valuable feature we have found in Check Point CloudGuard WAF is its rich logging capabilities."
"It provides advanced analytics that gives each team time to prepare for any threat that might occur in the future."
"The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps."
"With the solution, we managed to obtain complete comprehensive visibility of the entire environment in the cloud, thus having better control of each of the resources."
"The portal is quite intuitive."
"The features I have found most valuable are the comprehensive threat prevention capabilities, automated policy management, and seamless integration with cloud environments."
"It is a highly scalable solution with a quick turnaround time for deployment and running of the software across any IT system."
"It shows in-depth code of where actual vulnerabilities are."
"The UI is very intuitive and simple to use."
"Scan reviews can occur during the development lifecycle."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"We use the solution to validate the source code and do SAST and security analysis."
"Our static operation security has been able to identify more security issues since implementing this solution."
"Deeper and more transparent integration between Cloud Application Security and analysis monitoring tools could be very valuable - although the solution currently offers integrations with third-party security tools."
"CloudGuard could improve in areas such as ease of integration with Fortinet and reducing costs associated with deployment in cloud environments like Azure."
"The coding configurations can be simplified to save time for IT teams and developers."
"We would like to have a solution of this type for the administration of applications from mobile devices."
"Improving the process for handling licensing renewals would be a welcome enhancement."
"They should improve in the delivery of more detailed reports with more information."
"A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection."
"You need to know exactly the system. You cannot have someone running the system if they don't have the knowledge to do so."
"I would like to see the tool’s pricing improved."
"Checkmarx is not good because it has too many false positive issues."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"The solution sometimes reports a false auditable code or false positive."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
Check Point CloudGuard WAF is ranked 11th in Application Security Tools with 30 reviews while Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews. Check Point CloudGuard WAF is rated 9.0, while Checkmarx One is rated 7.6. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". Check Point CloudGuard WAF is most compared with SonarQube, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity. See our Check Point CloudGuard WAF vs. Checkmarx One report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.