We performed a comparison between Fortify on Demand and Fortify Software Security Center based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Provides good depth of scanning and we get good results."
"We identified a lot of security vulnerability much earlier in the development and could fix this well before the product was rolled out to a huge number of clients."
"It improves future security scans."
"The installation was easy."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"Fortify helps us to stay updated with the newest languages and versions coming out."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"The solution is very fast."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"You can easily download the tool's rule packs and update them."
"This is a stable solution at the end of the day."
"Not fully integrated with CIT processes."
"We have some stability issues, but they are minimal."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes."
"They have very good support, but there is always room for improvement."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team."
"Fortify Software Security Center's setup is really painful."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
More Fortify Software Security Center Pricing and Cost Advice →
Fortify on Demand is ranked 9th in Static Application Security Testing (SAST) with 56 reviews while Fortify Software Security Center is ranked 27th in Static Application Security Testing (SAST) with 3 reviews. Fortify on Demand is rated 8.0, while Fortify Software Security Center is rated 7.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Sonatype Lifecycle, whereas Fortify Software Security Center is most compared with Tricentis Tosca, Checkmarx One and Fortify WebInspect. See our Fortify Software Security Center vs. Fortify on Demand report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.