Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs Fortinet FortiDDoS vs Imperva Application Security Platform comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

Application Security Tools Market Share Distribution
ProductMarket Share (%)
Checkmarx One9.9%
SonarQube16.9%
Snyk5.6%
Other67.6%
Application Security Tools
Distributed Denial-of-Service (DDoS) Protection Market Share Distribution
ProductMarket Share (%)
Fortinet FortiDDoS2.3%
Cloudflare16.6%
Arbor DDoS9.3%
Other71.8%
Distributed Denial-of-Service (DDoS) Protection
Distributed Denial-of-Service (DDoS) Protection Market Share Distribution
ProductMarket Share (%)
Imperva Application Security Platform8.2%
Cloudflare16.6%
Arbor DDoS9.3%
Other65.9%
Distributed Denial-of-Service (DDoS) Protection
 

Featured Reviews

Shahzad Shahzad - PeerSpot reviewer
Senior Solution Architect | L3+ Systems & Cloud Engineer | SRE Specialist at Canada Cloud Solution
Enable secure development workflows while identifying opportunities for faster scans and improved AI guidance
Checkmarx One is a very strong platform, but there are several areas where it can improve to support modern DevSecOps workflows even better. For example, better real-time developer guidance is needed. The IDE plugin should offer richer AI-powered auto-fixes similar to SNYK Code or GitHub Copilot Security, as current guidance is good but not deeply contextual for large-scale enterprise codebases. This matters because it reduces developer friction and accelerates shift-left adoption. More transparency control over the correlation engines is another need. The correlation engine is powerful but not fully transparent. Users want to understand why vulnerabilities were correlated or de-prioritized, which helps AppSec teams trust the prioritization logic. Faster SAST scan and more language coverage is needed since SAST scan can still be slow for very large mono-repos and there is limited deep support for new language frameworks like Rust and Go, along with advanced coverage for serverless-specific frameworks. This matters because large organizations want sub-minute scans in CI/CD as cloud-native ecosystems evolve fast. A strong API security module is another area for enhancement. API security scanning could be improved with active testing, API discovery, full Swagger, OpenAPI, drift detection, and schema-based fuzzing. This is important as API attacks are one of the biggest AppSec risks in 2025. Checkmarx One is strong, but I see a few areas for improvement including faster SAST scanning for large mono-repos, deeper language framework support, more transparent correlation logic, and stronger API security that includes discovery and runtime context. The IDE plugin could offer more AI-assisted fixes, and the SBOM lifecycle tracking can evolve further. Enhancing integration with SIEM and SOAR would also make enterprise adoption smoother, and these improvements would help developers and AppSec teams move faster with more accuracy.
MO
IT Analyst at Evapco, Inc.
Reliable protection and smooth setup enhance company security
Currently, I have two firewalls, with one located in Sorocaba, model 90D, and the other in São Paulo, model 30D. They are connected by VPN. I use the firewalls for VPN and final protection for my company, and my equipment is maintained by an internet company called Multiprox The equipment works…
reviewer1247523 - PeerSpot reviewer
Head of Sales Services Department at a comms service provider with 51-200 employees
Solution ensures website availability and proactive threat mitigation
Over the seven years, the most valuable features of Imperva DDoS that I have found are related to DDoS attacks, which are a group of attacks, and not all of them can be resolved on the endpoint level before the website. Using the web firewall before the website is a common use case to protect against malicious requests to the website. I have utilized Imperva's Intelligent Traffic Filtering feature. This feature helps me understand how the attack is progressing and what is happening inside the requests to our website. It allows me to granularly grant or deny access to certain parts of our website. This helps when we know our customers and the types of requests that can be sent from them, enabling us to block some malicious requests. Imperva DDoS has User Behavior Analytics and Threat Intelligence on its board, and this helps us to be protected proactively. Imperva DDoS connects to its database of threats, storing whole information about attacks all over the world in one simple engine. Everyone can use this feature, which can connect to this engine and get information about what is going on at the world level. That is the way to be protected at the company's level. The integration capabilities of Imperva DDoS are very easy and simple. We can run it in 2 hours.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"I have seen a return on investment from Checkmarx One."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"Overall, I use Checkmarx One as a strategic control point to improve developer velocity while strengthening application security across the full software lifecycle."
"The most valuable feature is the simple user interface."
"We use the solution to validate the source code and do SAST and security analysis."
"Checkmarx One has definitely helped us to save time and reduce the need for additional security resources, meaning employees."
"Packet inspection has been effective for mitigating DDoS attacks."
"The equipment works very well, and I have not encountered any issues with it."
"It allows me to see all the traffic on my network."
"It is a user-friendly product in terms of monitoring and updating policies."
"The product allows the users to adjust the thresholds."
"The solution already has security profiles and it can protect from DDoS attacks and other kinds of attacks."
"This solution can protect Layer 3, Layer 4 and Layer 7 attacks of applications for us."
"We have researched them all, and it's a good solution all around."
"I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel."
"Provides Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this."
"I like the user-friendly interface."
"We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"It fits our requirements, as well as our budget."
"Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code."
"There are some features that are configured by default, so even without doing much, it can still provide a level of protection."
 

Cons

"You can't use it in the continuous delivery pipeline because the scanning takes too much time."
"The solution's user interface could be improved because it seems outdated."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"We have received some feedback from our customers who are receiving a large number of false positives."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"The cost per user is high and should be reduced."
"There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver."
"I find that there have been issues in the past year with the solution hanging. It freezes often."
"The solution can be a little more user-friendly and it can be more affordable."
"I would like to see analytics, big data."
"There aren't really any aspects of the solution we are unhappy with. It's been a positive experience overall."
"The primary area for improvement is the on-premises capacity limit, currently fixed at 10 GB."
"All the thresholds that need to be configured should be included in the default so that user will not forget or misconfigure."
"The web interface could be much better."
"The only thing they need to do is to automate it. Today, you must create tools that do not require the use of an expert or anyone with special skills."
"Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved."
"I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall."
"It needs to be improved every time there are new attacks."
"The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process."
"The signature updates could be faster. Sometimes we have to upload signatures to the Imperva portal for checking and analysis before we can use them."
"There's always room for improvement. Occasionally, there might be false-positive alerts."
"It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution."
"The cost could be lower; our end clients need to have a high budget to purchase this solution."
 

Pricing and Cost Advice

"We're using a commercial version of Checkmarx, and we paid for the solution for one year. The price is high and could be reduced."
"For around 250 users or committers, the cost is approximately $500,000."
"Checkmarx is comparatively costlier than other products, which is why some of the customers feel reluctant to go for it, though performance-wise, Checkmarx can compete with other products."
"It is a good product but a little overpriced."
"The solution is costly."
"It is the right price for quality delivery."
"The average deal size was usually anywhere between $120K to $175K on an annual basis, which could be divided across 12 months."
"Most of my customers opted for a perpetual license. They prefer to pay the highest amount up front for the perpetual license and then pay for additional support annually."
"The solution is reasonably priced."
"It's quite pricey."
"The product’s pricing needs improvement."
"For enterprise contracts you will be in touch with a dedicated account manager who will guide you regarding licensing."
"There are a couple of different licensing models."
"It's an excellent product, but it can be very costly."
"The pricing is somewhat expensive. It is actually a huge investment when compared to other countries."
"Imperva Web Application Firewall price is higher compared to other solutions. However, everything is included in the price."
"Licensing can range from one to twenty thousand dollars annually. Additionally, some features, including software support, require an annual subscription as well."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."
"Imperva Web Application Firewall is expensive."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
881,757 professionals have used our research since 2012.
 

Comparison Review

it_user68487 - PeerSpot reviewer
Security Expert with 51-200 employees
Nov 6, 2013
CloudFlare vs Incapsula: Web Application Firewall
CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
10%
Manufacturing Company
10%
Government
5%
Manufacturing Company
12%
Comms Service Provider
10%
Financial Services Firm
9%
Government
7%
Financial Services Firm
12%
Computer Software Company
9%
Manufacturing Company
9%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business32
Midsize Enterprise9
Large Enterprise46
By reviewers
Company SizeCount
Small Business10
Large Enterprise6
By reviewers
Company SizeCount
Small Business83
Midsize Enterprise25
Large Enterprise61
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as ...
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
Checkmarx One is a premium solution, so budget accordingly. Make sure you understand how licensing scales with additi...
Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would...
What is your experience regarding pricing and costs for Fortinet FortiDDoS?
Fortinet FortiDDoS offers lower costs compared to other solutions. The licensing costs are annually renewed.
What needs improvement with Fortinet FortiDDoS?
There is a need for more features that protect personal information, especially given the PDP issue in Indonesia.
Which Web Application Firewall (WAF) would you recommend? R&S or Imperva?
Imperva is a strong choice, given their security focus and ongoing R&D into the product in areas such as bot mana...
What do you like most about Imperva Incapsula?
We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing, setup costs, and licensing of Imperva DDoS are reasonable for the amount of technical capabilities provi...
 

Also Known As

No data available
Fortinet DDoS, FortiDDos
Imperva Bot Management, Imperva Web Application Firewall, Imperva API Security
 

Overview

 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Application Security Tools. Updated: February 2026.
881,757 professionals have used our research since 2012.