Check Point CloudGuard WAF vs Fortify Application Defender comparison

Check Point Software Technologies and OpenText are both solutions in the Application Security Tools category. Check Point Software Technologies is ranked #7 with an average rating of 8.8, while OpenText is ranked #25 with an average rating of 8.0. Check Point Software Technologies holds a 0.3% mindshare in AS, compared to OpenText’s 0.8% mindshare. Additionally, 100% of Check Point Software Technologies users are willing to recommend the solution, compared to 81% of OpenText users who would recommend it.

Check Point CloudGuard WAF

Read 48 Check Point CloudGuard WAF reviews

1,844 Views
443 Comparison Views

100% willing to recommend

Fortify Application Defender

Read 11 Fortify Application Defender reviews

1,138 Views
888 Comparison Views

81% willing to recommend

Check Point CloudGuard WAF

Fortify Application Defender

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Fortify Application Defender and Check Point CloudGuard WAF compete in the application security category. Check Point CloudGuard WAF is perceived as having the upper hand due to its extensive features and enhanced security posture, outweighing Fortify’s pricing and support advantages.

Features: Fortify Application Defender is known for powerful threat detection, ease of integration, and flexibility. Check Point CloudGuard WAF offers comprehensive protection, advanced threat intelligence, and enhanced security.

Room for Improvement: Fortify Application Defender is noted for needing improved reporting, scalability, and integration with additional platforms. Check Point CloudGuard WAF could enhance customization, configuration tools, and interface usability.

Ease of Deployment and Customer Service: Fortify Application Defender provides straightforward deployment and responsive support. Check Point CloudGuard WAF allows for efficient deployment but garners mixed reviews regarding customer service responsiveness.

Pricing and ROI: Fortify Application Defender offers competitive setup costs and strong ROI, appealing to budget-constrained users. Check Point CloudGuard WAF justifies higher setup costs with long-term ROI and feature richness, drawing users seeking comprehensive solutions.

To learn more, read our detailed Check Point CloudGuard WAF vs. Fortify Application Defender Report (Updated: September 2025).

Buyer's Guide

Check Point CloudGuard WAF vs. Fortify Application Defender

September 2025

Download the complete report

Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Check Point CloudGuard WAF

Ranking in Application Security Tools

7th

Average Rating

8.8

Reviews Sentiment

7.6

Number of Reviews

Ranking in other categories

Web Application Firewall (WAF) (10th)

Fortify Application Defender

Ranking in Application Security Tools

25th

Average Rating

7.8

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of October 2025, in the Application Security Tools category, the mindshare of Check Point CloudGuard WAF is 0.3%, up from 0.1% compared to the previous year. The mindshare of Fortify Application Defender is 0.8%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools Market Share Distribution
Product	Market Share (%)
Check Point CloudGuard WAF	0.3%
Fortify Application Defender	0.8%
Other	98.9%

Application Security Tools

Featured Reviews

Dialungana Malungo

Principal Cybersecurity Specialist at Unitel S.A.

Protects our web applications and APIs and has a very low false positive rate

CloudGuard WAF is a very straightforward solution. I do not have to worry about signatures. Most of the solutions that are out there are mainly based on signatures, and I have to do a lot of maintenance to get the signature updates, and sometimes, due to a lack of resources, I am not able to do so. With CloudGuard WAF, I have peace of mind, because most of the features are AI-based, and there is not much configuration that needs to be done on my side. Once set, I only go to CloudGuard WAF to check. I do not have to worry about signatures or updates. Everything is done perfectly, and I have a sense of peace because I know our applications are safe. It is very important for us that CloudGuard WAF protects our applications against threats without relying on signatures. That is definitely one of the key features I need.

Read full review

Saroj-Patnaik

Software Development Engineer 3 at Ernst & Young

Reliable solution with excellent machine learning algorithms but expensive and lacking support

I primarily use Fortify Application Defender to assess whether our products can defend against applications Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications. Fortify Application Defender gives…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The portal is quite intuitive."

"Check Point CloudGuard WAF works well for preemptively blocking Zero Day attacks and detecting hidden anomalies."

"Before CloudGuard, we periodically had some website issues. Since we've had CloudGuard, we've never had these issues happen again."

"The DirectStorage gives me a vision that I did not have of the check that occurs on the web servers."

"It offers good functionality of the application that is currently running."

"With CloudGuard WAF, I have peace of mind, because most of the features are AI-based, and there is not much configuration that needs to be done on my side."

"The solution preemptively blocks zero-day attacks and detects hidden anomalies effectively."

"From a security perspective, it is quite good."

More Check Point CloudGuard WAF pros

"The most valuable feature is that it analyzes data in real-time."

"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."

"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."

"The most valuable features of Fortify Application Defender are the code packages that are default."

"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."

"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."

"The product saves us cost and time."

"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."

More Fortify Application Defender pros

Cons

"It doesn't detect user activity like some of its competitors. It's not a vulnerability, but it's a legitimate activity that it doesn't detect. It only detects vulnerabilities or misconfigurations."

"They might be able to add more integrations."

"I would like to be able to integrate the theme of Artificial Intelligence to help review issues and to monitor and view the security issue while also suggesting and interpreting and additionally configuring solutions - basically, acting as an interpreter."

"Areas where Check Point CloudGuard WAF can improve include simple policy tuning, as the protection seems strong, though initial rule tuning can be complex."

"Pricing is high, although possibly justified by the service received."

"There are occasions when it interfaces with other systems, leading to a loss of visibility."

"I have faced issues with the tool's blocking aspects. It is hard to open or block web services due to the multitude of cloud centers. I have to do the process manually at times. We have a bug which is hard to solve."

"We are satisfied with the product because it does what we need it to do, but one thing that I would like to see improved in the product is the protection of our mobile applications. When I migrate the traffic from our mobile application to CloudGuard, we are not getting what we expected."

More Check Point CloudGuard WAF cons

"Fortify Application Defender gives a lot of false positives."

"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."

"I encountered many false positives for Python applications."

"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."

"Support for older compilers/IDEs is lacking."

"The false positive rate should be lower."

"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."

"The solution is quite expensive."

More Fortify Application Defender cons

Pricing and Cost Advice

"The tool's licensing costs are yearly and competitive."

"If the pricing for the Infinity platform covers everything, it would be more straightforward. I had a hard time selling it to our CEO as a former CFO because of the differentials. There are different deltas year to year over a five-year period. It is very difficult to explain. It would be easier to digest for our executives if there was a flatter scale"

"The base solution costs approximately 30,000 euros, with an additional 2,000 euros per year for licenses and support."

"As Infiniti customers, the pricing is manageable, as we have allowances dedicated to each Check Point product. The price is not as high compared to other options I have dealt with in the past."

"The sales team or account managers from Check Point are top-notch. As I am using other products as well, my pricing was competitive compared to others."

"Check Point CloudGuard Application Security's pricing is comparable to other products in the market."

"It is not cheap, but it is worth it."

"I find the pricing to be reasonable."

More Check Point CloudGuard WAF pricing and cost advice

"The base licensing costs for the SaaS platform is about $900 USD per application, per year."

"Fortify Application Defender is very expensive."

"I rate the solution's pricing a five out of ten. It comes as an annual cloud subscription. The tool's pricing is around 50 lakhs."

"The licensing is very complex, it's project based and can range from $10,000 to $200,000+ depending on the project type and size."

"The price of this solution could be less expensive."

"The product’s price is much higher than other tools."

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

869,566 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

20%

Manufacturing Company

15%

Financial Services Firm

Government

Financial Services Firm

18%

Manufacturing Company

14%

Computer Software Company

13%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	25
Midsize Enterprise	18
Large Enterprise	16

By reviewers
Company Size	Count
Small Business	3
Midsize Enterprise	1
Large Enterprise	8

Questions from the Community

What do you like most about CloudGuard for Application Security?

We have not had any incidents. We could realize its benefits immediately. We watched and monitored the traffic, and it was amazing to see the results.

See all answers

What is your experience regarding pricing and costs for CloudGuard for Application Security?

I don't know about the pricing, setup cost, or licensing for Check Point CloudGuard WAF, as I don't manage costs.

See all answers

What needs improvement with CloudGuard for Application Security?

Check Point CloudGuard WAF can be improved; initially, the setup is very complicated, and there's not a lot of documentation available, plus it didn't have something for anti-bot, but other than th...

See all answers

What do you like most about Fortify Application Defender?

I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy.

See all answers

What needs improvement with Fortify Application Defender?

The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and...

See all answers

What is your primary use case for Fortify Application Defender?

We use the solution for fast code review. It is integrated into our DevOps pipeline.

See all answers

Comparisons

Imperva Application Security Platform vs Check Point CloudGuard WAF

Compared 19% of the time

F5 Advanced WAF vs Check Point CloudGuard WAF

Compared 14% of the time

Cloudflare Web Application Firewall vs Check Point CloudGuard WAF

Compared 12% of the time

Microsoft Azure Application Gateway vs Check Point CloudGuard WAF

Compared 11% of the time

open-appsec vs Check Point CloudGuard WAF

Compared 10% of the time

More Check Point CloudGuard WAF Competitors

Checkmarx One vs Fortify Application Defender

Compared 19% of the time

SonarQube Server (formerly SonarQube) vs Fortify Application Defender

Compared 16% of the time

Coverity Static vs Fortify Application Defender

Compared 15% of the time

Qualys Web Application Scanning vs Fortify Application Defender

Compared 12% of the time

CAST Application Intelligence Platform vs Fortify Application Defender

Compared 11% of the time

More Fortify Application Defender Competitors

Product Reports

Buyer's Guide

Check Point CloudGuard WAF

October 2025

Download Check Point CloudGuard WAF product report

Buyer's Guide

Application Security Tools

September 2025

Download Fortify Application Defender product report

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec

HPE Fortify Application Defender, Micro Focus Fortify Application Defender

Overview

Check Point CloudGuard WAF offers advanced security for web applications and APIs with features such as intrusion prevention, bot prevention, and AI-driven threat detection, ensuring organizations achieve high-level protection and efficient security management.

Check Point CloudGuard WAF integrates with APIs, providing a seamless security enhancement while reducing false positives. Its scalability supports rapid deployment, valuable for companies aiming to secure resources in clouds like AWS and Azure. Enhanced threat prevention, comprehensive compliance support, and advanced threat protection methods such as SQL injection and cross-site scripting prevention are key strengths. Despite its robust capabilities, there are opportunities for improvement, such as lower costs, improved third-party tool integration, and a more intuitive interface to enhance usability.

What are the key features of Check Point CloudGuard WAF?

Intrusion Prevention System: Effectively detects and blocks unauthorized access attempts.
Bot Prevention: Shields applications from malicious bot traffic.
AI-driven Threat Detection: Uses advanced algorithms to identify and mitigate threats.
Log Management: Offers extensive logging capabilities for tracking and analysis.
Scalability: Supports rapid deployment across different environments, including multi-cloud.

What benefits should users expect from Check Point CloudGuard WAF?

Security Efficiency: Combines high-grade protection with ease of use to simplify security management.
Cost Efficiency: Aids in effective resource utilization, minimizing overhead.
Compliance Support: Helps meet various industry standards effortlessly.
Enhanced Threat Protection: Provides robust safeguards against common web vulnerabilities.

Check Point CloudGuard WAF is predominantly applied within industries requiring stringent security standards, such as financial services, healthcare, and e-commerce. Its deployment strengthens the defense of critical APIs, facilitates compliance, and supports efficient multi-cloud security management, aligning well with evolving industry demands.

Check Point Software Technologies

Micro Focus Security Fortify Application Defender is a runtime application self-protection (RASP) solution that helps you manage and mitigate risk from homegrown or third-party applications. It provides centralized visibility into application use and abuse while protecting from software vulnerability exploits and other violations in real time.

OpenText

Sample Customers

Orange España, Paschoalotto

ServiceMaster, Saltworks, SAP

Buyer's Guide

Check Point CloudGuard WAF vs. Fortify Application Defender

September 2025

Free Report: Check Point CloudGuard WAF vs. Fortify Application Defender

Find out what your peers are saying about Check Point CloudGuard WAF vs. Fortify Application Defender and other solutions. Updated: September 2025.

DOWNLOAD NOW

869,566 professionals have used our research since 2012.

See our Check Point CloudGuard WAF vs. Fortify Application Defender report.

See our list of best Application Security Tools vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.