We performed a comparison between Checkmarx One, Cloudflare, and Fortinet FortiDDoS based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."Most valuable features include: ease of use, dashboard. interface and the ability to report."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The UI is very intuitive and simple to use."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"The most valuable feature for me is the Jenkins Plugin."
"It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"New and innovative way to protect the client's data."
"The simplicity of the overall dashboard makes it a great product for a user like me who has less understanding of the internet than a developer or other more technical people. It gives me peace of mind. I also love the easy customization of the Page Rules."
"The most valuable feature is the web application firewall."
"Smaller businesses have seen great ROI due to the low investment and strong performance."
"Generally, I am satisfied with this product."
"The solution provides good load balancing and protection against DDoS attacks."
"Cloudflare has many features."
"There are key things that are used for our enterprise customers, such as Lambda and DNS."
"The solution is very user-friendly and very easy to use."
"It allows me to see all the traffic on my network."
"The product allows the users to adjust the thresholds."
"It is a user-friendly product in terms of monitoring and updating policies."
"The most valuable feature is the cloud DDoS scrubbing capability."
"I find the interface easy to use."
"Among its key features: Detects and mitigates DDoS attacks at L3 to L7; negligible to zero false-positives; Generates and sends reports without the need for an expensive third-party solution."
"The product's initial setup phase was really easy."
"Checkmarx needs to improve the false positives and provide more accuracy in identifying vulnerabilities. It misses important vulnerabilities."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"Checkmarx could be improved with more integration with third-party software."
"The integration could improve by including, for example, DevSecOps."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"Cloudflare could offer a better view or maybe dashboards of the main resources used in the client."
"The pricing could be improved."
"The product support needs to be accessible from more places, a wider area of coverage."
"We are a product integrator and reseller, and we would like to have a better partner relationship, similar to a channel sales relationship. Sometimes we are on our own or get diverted by Cloudflare because they have direct sales, which competes with us and makes it difficult to build a relationship with this company since we want to be an MSP or a managed service provider for the solution."
"They lack a good way to manage DNS as a company, since everything is relegated to single account logins until you get to the higher levels. They have come out with a paid feature to remedy this, but I have not had a chance to fully review it yet to know if it fixes the access problem."
"The product needs to improve its automation."
"The tool needs to focus more on the area of application traffic management, where it currently has some shortcomings."
"All the thresholds that need to be configured should be included in the default so that user will not forget or misconfigure."
"The product’s pricing needs improvement."
"Alerts and reporting features must be improved."
"I would like to see analytics, big data."
"I find that there have been issues in the past year with the solution hanging. It freezes often."
"The only thing they need to do is to automate it. Today, you must create tools that do not require the use of an expert or anyone with special skills."
"The primary area for improvement is the on-premises capacity limit, currently fixed at 10 GB."
