We performed a comparison between Checkmarx One and Cloudflare based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are the easy to understand interface, and it 's very user-friendly."
"It shows in-depth code of where actual vulnerabilities are."
"The solution allows us to create custom rules for code checks."
"The most valuable feature is that it actually identifies the different criteria you can set to meet whatever standards you're trying to get your system accredited for."
"Scan reviews can occur during the development lifecycle."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"The user interface is excellent. It's very user friendly."
"I like Cloudflare's application gateway and DDoS protection."
"New and innovative way to protect the client's data."
"Cloudflare has many features."
"The most valuable feature is the web application firewall."
"The most valuable feature of Cloudflare is that it has a free version. They give us the free version with the anti-DDoS features and also the load balancing solution."
"Many websites require an SSL certificate because they sell stuff and want SSL. Cloudflare comes with an SSL certificate built in. It's automatic. You sign yourself up for Cloudflare, and an SSL certificate automatically protects your website. You don't necessarily need a certificate if you have a connection between your website and your host, the server, Cloudflare, and the host."
"There are key things that are used for our enterprise customers, such as Lambda and DNS."
"From what I've seen so far, there are no negatives to report as of yet"
"They could work to improve the user interface. Right now, it really is lacking."
"Implementing a blackout time for any user or teams: Needs improvement."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"The integration could improve by including, for example, DevSecOps."
"The validation process needs to be sped up."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"It should confirm audit findings of the assigned area with auditees to ensure that the audit conclusions are based on an accurate understanding of the issues."
"There should be a specific price list for enterprise-level customers."
"We're facing challenges due to an upgrade in the machine learning model. The problem arises from some users abusing the APIs, resulting in an influx of suspicious traffic. Cloudflare's learning model mistakenly identifies this traffic as human. Consequently, it assigns it a higher trust score, akin to legitimate human traffic, causing complications in our architecture. Previously, such traffic would have been categorized as suspicious, enabling us to apply appropriate blocking rules. However, we encounter difficulties distinguishing between genuine and suspicious traffic with the new categorization. Despite these challenges, overall, Cloudflare remains the preferred solution compared to Azure, AWS CloudFront, and Google Cloud Armor."
"The product support needs to be accessible from more places, a wider area of coverage."
"If they improve on the placement of their data centers, it would be better. I'm living in a remote area. I would like to connect to them without any kind of lag."
"For the free and Pro plans, Cloudflare could use a simple bot to provide information to users. This would improve support, especially for less advanced users who utilize the free components."
"In the last two years, there has been a certain amount of downtime when using the VDM."
"It should be easier to collect the logs with companies like Sumo. However, based on my discussions with the salespeople, I understand that's how they make their money. With the enterprise product, they want people doing those kinds of enterprise features to do the logging. They want them to pay a lot of money, and that's where I have an issue with them. That should be a default. You should be able to get the log no matter what. The logging should be universal."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 56 reviews. Checkmarx One is rated 7.6, while Cloudflare is rated 8.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, Microsoft Azure Application Gateway and AWS Shield. See our Checkmarx One vs. Cloudflare report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.