We performed a comparison between Checkmarx One and Microsoft Azure Application Gateway based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The report function is the solution's greatest asset."
"It shows in-depth code of where actual vulnerabilities are."
"The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The solution is scalable, but other solutions are better."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"The reports are very good because they include details on the code level, and make suggestions about how to fix the problems."
"Good customization; able to report and take action on alerts."
"Some of the key features of this solution are the low-level maintenance required, floating proxy service, and load balancing."
"The security feature in all the layers of the application is the most valuable."
"The solution was very easy to configure. It wasn't hard at all to adjust it to our needs."
"The simplicity of the solution and its ability to integrate easily with others are its most valuable aspects."
"The production is a valuable feature."
"It has a filter available, although we are not currently using it because it is not part of our requirements. But it is a good option and when it becomes part of our requirements we will definitely use it."
"The solution's most valuable feature is an HTTP solution and SSL certificate. It is also easy to use."
"Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model."
"Checkmarx could improve the REST APIs by including automation."
"I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features."
"They could work to improve the user interface. Right now, it really is lacking."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"I would like the product to include more debugging and developed tools. It needs to also add enhancements on the coding side."
"The integration could improve by including, for example, DevSecOps."
"It could be more stable, and support could be better. It would also be better if they offered more features. For example, it lacks security features. Before we used another English solution, and we realized that some of the rules were not set up correctly and passed through the Application Gateway's English controllers. But the problem, in this case, is if you send ten rules, for example, six rules hit some issues. IP address blocking could be better. The rules, for example, don't work properly. If you have one issue, one rule or another rule will not work. This sounds like total madness to me."
"One of the challenges we faced was the solution does not support any other PCP protocols apart from HTTP and HTTPS."
"The solution should provide more security for certificate-based services so that we can implement more security on that."
"The solution is easy to use overall, but the dashboard could be updated with a better layout and graphical design so that we can see the data a bit easier. Microsoft could also add more documentation. The documentation Microsoft provides doesn't tell us about resource requirements. We found that the instances we had weren't sufficient to support the firewall, so we had to increase them."
"The increased security that we are considering is because of some of the things that the security team has brought to our attention. They have pointed out that we would most likely require a better web application firewall than Azure Application Gateway."
"It could be easier to change servicing."
"The graphical interface needs improvement because it is not user friendly."
"The working speed of the solution needs improvement."
More Microsoft Azure Application Gateway Pricing and Cost Advice →
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Microsoft Azure Application Gateway is ranked 4th in Application Delivery Controllers (ADC) with 38 reviews. Checkmarx One is rated 7.6, while Microsoft Azure Application Gateway is rated 7.2. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Microsoft Azure Application Gateway writes "High stability with built-in rules that reduce alerts and are easy to configure". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Microsoft Azure Application Gateway is most compared with Azure Front Door, Citrix NetScaler, F5 Advanced WAF, AWS WAF and Cloudflare Web Application Firewall.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.