We performed a comparison between Fortify on Demand and Fortify Software Security Center based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"It is an extremely robust, scalable, and stable solution."
"The quality of application security testing reduces risk and gives very few false positives."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"I do not remember any issues with stability."
"The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"The static code analyzers are the most valuable features of this solution."
"There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"You can easily download the tool's rule packs and update them."
"This is a stable solution at the end of the day."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools."
"There is room for improvement in the integration process."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood."
"We are having issues with false positives that need to be resolved."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"Fortify Software Security Center's setup is really painful."
More Fortify Software Security Center Pricing and Cost Advice →
Fortify on Demand is ranked 9th in Static Application Security Testing (SAST) with 56 reviews while Fortify Software Security Center is ranked 27th in Static Application Security Testing (SAST) with 3 reviews. Fortify on Demand is rated 8.0, while Fortify Software Security Center is rated 7.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Sonatype Lifecycle, whereas Fortify Software Security Center is most compared with Tricentis Tosca, Checkmarx One and Fortify WebInspect. See our Fortify Software Security Center vs. Fortify on Demand report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.