We performed a comparison between Checkmarx One and Microsoft Azure Application Gateway based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The most valuable feature is the application tracking reporting."
"The most valuable feature for me is the Jenkins Plugin."
"The report function is the solution's greatest asset."
"The administration in Checkmarx is very good."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"The setup is fairly easy. We didn't struggle with the process at all."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"The solution has built-in rules that reduce alerts and are easy to configure."
"I find Application Gateway’s WAF module valuable because it helps prevent layer 7 attacks."
"Good customization; able to report and take action on alerts."
"It is a scalable solution...The installation phase of Microsoft Azure Application Gateway is very easy."
"I find Application Gateway’s WAF module valuable because it helps prevent layer 7 attacks."
"It has a filter available, although we are not currently using it because it is not part of our requirements. But it is a good option and when it becomes part of our requirements we will definitely use it."
"The pricing is quite good."
"I rate Microsoft Azure Application Gateway's scalability a ten out of ten. My company has more than 1000 users who use it daily."
"The validation process needs to be sped up."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"Checkmarx being Windows only is a hindrance. Another problem is: why can't I choose PostgreSQL?"
"The solution sometimes reports a false auditable code or false positive."
"We have received some feedback from our customers who are receiving a large number of false positives."
"C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"The product's performance should be better."
"It does not have the flexibility for using public IPs in version 2."
"The solution doesn’t support wildcard-based and regular expression-based rules."
"The graphical interface needs improvement because it is not user friendly."
"There is room for improvement in the pricing model."
"Microsoft needs to work on their documentation."
"It takes a lot of time for a certificate to update in the system. That is a huge drawback, affecting the load-balancing side. And when there are changes to the load balancing, it affects the end-user."
"Application Gateway’s limitation is that the private and the public endpoint cannot use the same port."
More Microsoft Azure Application Gateway Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Microsoft Azure Application Gateway is ranked 4th in Application Delivery Controllers (ADC) with 41 reviews. Checkmarx One is rated 7.6, while Microsoft Azure Application Gateway is rated 7.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Microsoft Azure Application Gateway writes "High stability with built-in rules that reduce alerts and are easy to configure". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Microsoft Azure Application Gateway is most compared with F5 Advanced WAF, Citrix NetScaler, AWS WAF, Cloudflare Web Application Firewall and Azure Front Door.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
