We performed a comparison between Acunetix and Fortify on Demand based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Our developers can run the attacks directly from their environments, desktops."
"Picks up weaknesses in our app setups."
"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"The solution is highly stable."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"It's a stable and scalable solution."
"Being able to reduce risk overall is a very valuable feature for us."
"It improves future security scans."
"The user interface is good."
"The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira."
"The static code analyzers are the most valuable features of this solution."
"What stands out to me is the user-friendliness of each feature."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"Currently only supports web scanning."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"Acunetix needs to include agent analysis."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"They could provide features for artificial intelligence similar to other vendors."
"It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"Micro Focus Fortify on Demand can improve by having more graphs. For example, to show the improvement of the level of security."
"It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers."
"I would like the solution to add AI support."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
Acunetix is ranked 17th in Application Security Tools with 26 reviews while Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews. Acunetix is rated 7.6, while Fortify on Demand is rated 8.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Fortify WebInspect, whereas Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect. See our Acunetix vs. Fortify on Demand report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
