We performed a comparison between Fortify on Demand and GitHub Advanced Security based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"Fortify on Demand is easy to use and the reporting is good."
"The static code analyzers are the most valuable features of this solution."
"Micro Focus WebInspect and Fortify code analysis tools are fully integrated with SSC portals and can instantly register to error tracking systems, like TFS and JIRA."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"The solution is user-friendly. One feature I find very effective is the tool's automatic scanning capability. It scans replicas of the code developers write and automatically detects any vulnerabilities. The integration with CI/CD tools is also useful for plugins."
"Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much."
"Dependency scanning is a valuable feature."
"The most valuable is the developer experience and the extensibility of the overall ecosystem."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"The technical support is actually a problem that needs to be addressed. Since the acquisition and merger with Hewlett Packard, it has been really hard to know who the technical or salesperson to talk to."
"It does scanning for all virtual machines and other things, but it doesn't do the scanning for containers. It currently lacks the ability to do the scanning on containers. We're asking their product management team to expand this capability to containers."
"Reporting could be improved."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"Fortify on Demand needs to improve its pricing."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"Not fully integrated with CIT processes."
"The report limitations are the main issue."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"The customizations are a little bit difficult."
"A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial."
"There could be a centralized dashboard to view reports of all the projects on one platform."
"There could be DST features included in the product."
Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews while GitHub Advanced Security is ranked 16th in Application Security Tools with 6 reviews. Fortify on Demand is rated 8.0, while GitHub Advanced Security is rated 9.0. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitHub Advanced Security writes "A tool that provides ease of integration with the set of existing codes in an infrastructure". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Tenable.io Web Application Scanning, whereas GitHub Advanced Security is most compared with SonarQube, Snyk, Veracode, Checkmarx One and GitLab. See our Fortify on Demand vs. GitHub Advanced Security report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.