We performed a comparison between Checkmarx One and Imperva Bot Management based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The solution communicates where to fix the issue for the purpose of less iterations."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"The most valuable feature is the application tracking reporting."
"We use the solution for dynamic application testing."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The most valuable feature is the simple user interface."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"The solution allows us to create custom rules for code checks."
"The stability of the product is good since I haven't had any problems with the solution."
"I am impressed with the product's automatic bot mechanism. It also gives us the control to create our own custom bot rules."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"Micro-services need to be included in the next release."
"Creating and editing custom rules in Checkmarx is difficult because the license for the editor comes at an additional cost, and there is a steep learning curve."
"Implementing a blackout time for any user or teams: Needs improvement."
"The pricing can get a bit expensive, depending on the company's size."
"Updating and debugging of queries is not very convenient."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"The tool needs to include artificial intelligence and machine learning. It also needs to improve profiling."
"Sometimes, it takes a bit of time for the technical staff of the solution to get back to our company with a resolution for our problems."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Imperva Bot Management is ranked 4th in Bot Management with 2 reviews. Checkmarx One is rated 7.6, while Imperva Bot Management is rated 8.0. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Imperva Bot Management writes "A product that offers advanced bot detection capabilities and reporting features". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Imperva Bot Management is most compared with Cloudflare, Cequence Security, AWS WAF, Akamai Bot Manager and DataDome Real-Time Bot Protection.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.