We performed a comparison between Fortify on Demand and Polyspace Code Prover based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's a stable and scalable solution."
"The SAST feature is the most valuable."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"The solution is user-friendly."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"It is an extremely robust, scalable, and stable solution."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"The product detects memory corruptions."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"Polyspace Code Prover is a very user-friendly tool."
"The outputs are very reliable."
"It does scanning for all virtual machines and other things, but it doesn't do the scanning for containers. It currently lacks the ability to do the scanning on containers. We're asking their product management team to expand this capability to containers."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"There were some regulated compliances, which were not there."
"There are many false positives identified by the solution."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"Reporting could be improved."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"Takes up a lot of resources which can slow things down."
"One of the main disadvantages is the time it takes to initiate the first run."
"The tool has some stability issues."
"Using Code Prover on large applications crashes sometimes."
"I'd like the data to be taken from any format."
"Automation could be a challenge."
Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews while Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews. Fortify on Demand is rated 8.0, while Polyspace Code Prover is rated 7.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Polyspace Code Prover is most compared with SonarQube, Coverity, Klocwork, CodeSonar and Semmle QL. See our Fortify on Demand vs. Polyspace Code Prover report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.