We performed a comparison between Fortify on Demand and GitHub based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"I do not remember any issues with stability."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"The feature that I find the most useful is being able to just see the vulnerabilities online while checking the code and then checking suggestions for fixing them."
"It is a very easy tool for developers to use in parallel while they're doing the coding. It does auto scanning as we are progressing with the CI/CD pipeline. It has got very simple and efficient API support."
"The installation was easy."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"This product is top-notch solution and the technology is the best on the market."
"The code sharing and updated history are valuable features."
"It is really simple to set up."
"GitHub provides the SFH key to protect our passwords and connection."
"GitHub provides good time reduction and this is what I value the most."
"During our use of GitHub, we have not encountered any problems and GitHub adds new features frequently."
"We are finding GitHub is very stable."
"I'm able to access any repository that I like, whether it's public or private."
"GitHub's version control is valuable."
"Fortify on Demand could be improved with support in Russia."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"I would like the solution to add AI support."
"It could have a little bit more streamlined installation procedure. Based on the things that I've done, it could also be a bit more automated. It is kind of taking a bunch of different scanners, and SSC is just kind of managing the results. The scanning doesn't really seem to be fully integrated into the SSC platform. More automation and any kind of integration in the SSC platform would definitely be good. There could be a way to initiate scans from SSC and more functionality on the server-side to initiate desk scans if it is not already available."
"Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse."
"There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes."
"There were some regulated compliances, which were not there."
"There are many false positives identified by the solution."
"The solution needs some more controls for deleting code."
"I would like a more graphical, user-friendly UI, to avoid writing so much code on cmd."
"The initial setup requires heavy documentation which can be challenging for new developers."
"We would like this solution to have a more user-friendly interface."
"Could be more user friendly."
"I would like to see more security where a plugin was available for us to update in relation to security."
"It is difficult to merge a code or restore it to an older version."
"GitHub storage is one of the main requirements and it could improve."
Fortify on Demand is ranked 10th in Application Security Tools with 56 reviews while GitHub is ranked 12th in Application Security Tools with 71 reviews. Fortify on Demand is rated 8.0, while GitHub is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Tenable.io Web Application Scanning, whereas GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Atlassian SourceTree and Checkmarx One. See our Fortify on Demand vs. GitHub report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
