We performed a comparison between Fortify on Demand and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution saves us a lot of money. We're trying to reduce exposure and costs related to remediation."
"This product is top-notch solution and the technology is the best on the market."
"The licensing was good."
"What stands out to me is the user-friendliness of each feature."
"t's a cloud-based solution, so there was no installation involved."
"It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"The most valuable features are the detailed reporting and the ability to set up deep scanning of the software, both of which are in the same place."
"The solution is user-friendly."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"This product is always evolving, and they listen to the customers."
"We're only using the basic features of GitLab and haven't used any advanced features. The solution works fine, so that's what we like about GitLab. We're party using GitHub and GitLab. We have a GitHub server, while we use GitLab locally or only within our team, and it works okay. We don't have any significant problems with the solution. We also found the straightforward setup, stability, and scalability of GitLab valuable."
"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"It is very flexible and easy because you can store data on cloud."
"The most valuable feature of GitLab is the automatic merging of code."
"The most valuable features of GitLab are ease of use and highly intuitive UI and performance."
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"Micro Focus Fortify on Demand could improve the reports. They could benefit from being more user-friendly and intuitive."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
"Not fully integrated with CIT processes."
"It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team."
"Fortify on Demand needs to improve its pricing."
"The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood."
"The biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"We would like to generate document pages from the sources."
"GitLab would be improved with the addition of templates for deployment on local PCs."
"There is room for improvement in GitLab Agents."
"It could have more security integrations and the ability to check the vulnerability of the code. I don't think it is a responsibility of Gitlab, but it would be nice to have more options to integrate with."
"I rate the support from GitLab a four out of five."
"We'd always like to see better pricing on the product."
"GitLab could consider introducing a code-scanning tool. Purchasing such tools from external markets can incur charges, which might not be favorable. Integrating these features into GitLab would streamline the pipeline and make it more convenient for users."
"It would be really good if they integrated more features in application security."
Fortify on Demand is ranked 10th in Application Security Tools with 57 reviews while GitLab is ranked 7th in Application Security Tools with 70 reviews. Fortify on Demand is rated 8.0, while GitLab is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton. See our Fortify on Demand vs. GitLab report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.