We performed a comparison between AWS WAF and Checkmarx One based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."The security firewall plus the features that protect against database injections or scripting,"
"We can host any DB or application on the solution."
"It is a one-click WAF with no effort needed."
"The agility is great for us in terms of cloud services in general."
"The solution's initial setup process is easy."
"The most valuable feature is the security, making sure that files are protected, preventing unauthorized users from accessing the system."
"The solution is stable."
"AWS has flexibility in terms of WAF rules."
"The report function is the solution's greatest asset."
"The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled."
"The setup is very easy. There is a lot of information in the documents which makes the install not difficult at all."
"Our static operation security has been able to identify more security issues since implementing this solution."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"The solution allows us to create custom rules for code checks."
"We use the solution to validate the source code and do SAST and security analysis."
"I would like to see the addition of more advanced rate-limiting features in the next release. It would be beneficial to extend rate limiting beyond just web servers to the main node level."
"It's a bit difficult to apply the right rules for the right security."
"We haven't faced any problems with the solution."
"The cost management has room for improvement."
"The price could be improved."
"It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."
"They should work to define more threats, add more security, and make it more compliant with more security companies."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"Implementing a blackout time for any user or teams: Needs improvement."
"It would be really helpful if the level of confidence was included, with respect to identified issues."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"Micro-services need to be included in the next release."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews. AWS WAF is rated 8.0, while Checkmarx One is rated 7.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Cloudflare Web Application Firewall, whereas Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.