We performed a comparison between Contrast Security Protect and Fortify on Demand based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product gives a few false positives. We get 99 percent true positives."
"The solution has excellent real-time capabilities."
"Protect provides us with more in-depth visibility into ongoing attacks."
"Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"We have the option to test applications with or without credentials."
"Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and vulnerabilities in our code is very helpful. We are able to do static and dynamic code scanning."
"The most valuable features are the server, scanning, and it has helped identify issues with the security analysis."
"Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much."
"Being able to reduce risk overall is a very valuable feature for us."
"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
"Contrast Security Protect needs to improve integration."
"There's room for improvement in the initial setup."
"There are lots of limitations with code technology. It cannot scan .net properly either."
"They could provide features for artificial intelligence similar to other vendors."
"They have very good support, but there is always room for improvement."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"The products must provide better integration with build tools."
"There is room for improvement in the integration process."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
Contrast Security Protect is ranked 33rd in Application Security Tools with 3 reviews while Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews. Contrast Security Protect is rated 8.4, while Fortify on Demand is rated 8.0. The top reviewer of Contrast Security Protect writes "It provides us with more in-depth visibility into ongoing attacks". On the other hand, the top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". Contrast Security Protect is most compared with SonarQube, Snyk, Tenable.io Web Application Scanning and Sonatype Lifecycle, whereas Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect. See our Contrast Security Protect vs. Fortify on Demand report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
