We performed a comparison between Checkmarx One and NGINX App Protect based on real PeerSpot user reviews.
Find out what your peers are saying about Noname Security, Salt Security, Checkmarx and others in API Security."The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"We use the solution to validate the source code and do SAST and security analysis."
"The most valuable feature is the application tracking reporting."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"We use the solution for dynamic application testing."
"The value you can get out of the speedy production may be worth the price tag."
"The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"The most valuable feature of NGINX App Protect is the reverse proxy."
"The most valuable feature of NGINX App Protect is its flexibility."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
"It is a very good tool for load balancing."
"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes."
"It is a stable solution."
"It has the best documentation features."
"The most valuable feature is that I can establish different services from the firewall."
"Implementing a blackout time for any user or teams: Needs improvement."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"With Checkmarx, normally you need to use one tool for quality and you need to use another tool for security. I understand that Checkmarx is not in the parity space because it's totally different, but they could include some free features or recommendations too."
"I would like to see the DAST solution in the future."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"Integration into the SDLC (i.e. support for last version of SonarQube) could be added."
"We have received some feedback from our customers who are receiving a large number of false positives."
"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."
"NGINX App Protect could improve security."
"The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required."
"The integration of NGINX App Protect could improve."
"Its technical support could be better."
"Currently, the policies have to be handled manually, and you have to create from scratch, which can be a bit time-consuming, in a large environment."
"As far as scalability, it takes a long time for deployment."
"The dashboard could provide a more comprehensive view of the status of the connections."
Checkmarx One is ranked 3rd in API Security with 67 reviews while NGINX App Protect is ranked 4th in API Security with 19 reviews. Checkmarx One is rated 7.6, while NGINX App Protect is rated 8.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Cloudflare Web Application Firewall.
See our list of best API Security vendors.
We monitor all API Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.