Checkmarx vs. Cloudflare One (SASE) vs. Onapsis

If you are going with SAST process or want to improve overall security posture then go for it like integrating it with post deployment steps. If you are more concerned about proactive controls better choose other options such as pee-commit hooks and CI security. Also choose other tools for DAST and API scans.

Incentivized

I wanted to securely connect to my servers without getting tracked by malicious attackers, even though I was on public Wi-Fi. Security was my top priority, and I also wanted a setup that was easy and quick to start and provided great network performance. Cloudflare's Zero trust matches my criteria for becoming my first choice.

Incentivized

Onapsis is divided into 4 major components,

1. Assess
2. Comply
3. Defend
4. Control

In assess, it does a whitebox and blackbox testing of the ERP systems that have been added to the Onapsis console. It highlights relevant application issues and automates the process, also provides the solutions to implement the fix. In comply, it provides a governance on the various regulatory compliances which the firm has to follow, as well as provides a firm grip to the audit and ERP admin team. In control, it enables a workflow of 15 pre-defined parameter values within the SAP system and helps monitor, and track the changes made to those parameters. The capabilities are to either block, or request for an approval for changes made to those parameters in addition to just monitoring them. In defend, it goes through the SAP logs; and compares it with a pre-defined ruleset to alert the end-users via email or SIEM tool or both.

Incentivized

• Detects security vulnerabilities in source code with accuracy and detail.
• Integrates seamlessly with CI/CD pipelines, IDEs, and repositories.
• Provides clear reports and actionable fix recommendations for developers.

Incentivized

• Block access to known bad, risky, or unwanted destinations at the DNS or HTTP level.
• Excellent protection for remote users.
• Best in class browser isolation techniques.

Incentivized

• Eliminating the manual process improves the overall accuracy of results and also frees up valuable resources to focus on other different projects.
• Onapsis provides great leverage to our technical teams in order to review in a standardized way of the landscape.
• Onapsis always matches vulnerabilities with useful context and finds possible solutions.
• Onapsis is usually implemented to continuously monitor, and alert us on any issues on the SAP systems. Not only this but implementing Onapsis also eliminates the network on the year-end and month-end audits and helps in making the overall process faster, smooth, efficient as well as accurate.

Incentivized

• Scan duration
• False positives
• Integration with other tools like Jenkins comes with some inconveniences.

Incentivized

• Cloudflare still need to improve CASB direction to complete set of SASE tools.
• More integrations with the third-party agents to check device posture in the Zero Trust framework.
• More granularity in firewall rules for full replacement of on-premise solutions.

Incentivized

• Multiple UIs
• No proper customization of UI log-off
• Tedious setup of Control component
• No proper error messages received

Incentivized

Their API based customizations which I leveraged to create an ASPM package, which is developer friendly and can extend above the dashboard features, other ones are UI which is great and feels clutter free. Menu and navigation is also good so as support. Only drawback is sometimes scan takes longer which I feel so can be reduced

Incentivized

Within a few hours, new engineers are trained in basic tasks and are quite happy they are able to resolve issues independently. After SSO is configured, onboarding is as simple as signing into m365 via a web browser popup.

Incentivized

Good chat support from the portal for basic questions and minor issues. The enterprise support line is provided as well.

Checkmarx is easier to integrate with development tools and gives quick feedback during coding, which is helpful for developers. Veracode is more focused on scanning and reporting for compliance, but it’s more complex to set up. We chose Checkmarx because it fits better into our development process, offering faster scans and more useful suggestions for fixing problems

Incentivized

Cloudflare was both the most feature-rich and cost-effective of comparisons. Presales engagement understood our challenges and was keen to solve them.

Incentivized

Honestly, I havent use something like Onapsis before and currently I am not aware if there is something similiar out there. They are one of a kind and is a complete suit, so is unlikelly that someone from outside will appear with a better solution.

Incentivized

• Improved ability to provide high level of IA confidence
• Improved confidence in application-level security

Incentivized

• The cost of Cloudflare Zero trust is much lower, hence reducing spending on infrastructure security.
• The Network performance is improved thanks to Warp protocol.
• Requires less maintenance and hence saves time.

Incentivized

• It offers very reasonable packages.
• The customer support of Onapsis is reliable and efficient.
• It is a great platform as it shows a unified and easy-to-read different and complex topics in a simpler way.

Incentivized