We performed a comparison between Checkmarx One and Symantec Web Application Firewall based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."It allows for SAST scanning of uncompiled code. Further, it natively integrates with all key repos formats (Git, TFS, SVN, Perforce, etc)."
"The solution communicates where to fix the issue for the purpose of less iterations."
"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera."
"The user interface is excellent. It's very user friendly."
"Most valuable features include: ease of use, dashboard. interface and the ability to report."
"Scan reviews can occur during the development lifecycle."
"Both automatic and manual code review (CxQL) are valuable."
"The UI is very intuitive and simple to use."
"The setup was straightforward."
"The interface is user-friendly."
"The solution has an up-to-date data repository to deal with external threats."
"Checkmarx could improve the REST APIs by including automation."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"This product requires you to create your own rulesets. You have to do a lot of customization."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"Sometimes scanning slows down the endpoints."
"It would be an improvement if the management dashboards were not reliant upon Java."
"I'm not convinced that it's necessary the best solution going forward in the future."
Earn 20 points
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Symantec Web Application Firewall is ranked 38th in Web Application Firewall (WAF). Checkmarx One is rated 7.6, while Symantec Web Application Firewall is rated 8.4. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Symantec Web Application Firewall writes "An excellent up-to-date data repository handling external threats successfully". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Symantec Web Application Firewall is most compared with F5 BIG-IP Local Traffic Manager (LTM).
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.