We performed a comparison between Fortify on Demand and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have the option to test applications with or without credentials."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"The SAST feature is the most valuable."
"The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira."
"The installation was easy."
"The vulnerability detection and scanning are awesome features."
"The licensing was good."
"It's a stable and scalable solution."
"The code merging capability is something that we use very frequently."
"The solution makes the CI/CD pipelines easy to execute."
"I like GitLab's security and SAS tools."
"I have found the most valuable feature is security control. I also like the branching and cloning software."
"GitLab's best feature is Actions."
"The most valuable features of Gitlab are integration with CIE and the ability to rapidly deploy solutions, projects, and applications. It is very easy to use, and there are no complaints."
"The solution's service delivery model is fantastic."
"The stability is good."
"The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"Micro Focus Fortify on Demand could improve the reports. They could benefit from being more user-friendly and intuitive."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"The solution should be more cloud-native and have more cloud-native capabilities and features."
"I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities."
"GitLab can improve the integration with third-party applications. It could be made easier. Additionally, having API control from my application could be helpful."
"I would like to have some features to support peer review."
"I rate the support from GitLab a four out of five."
"The documentation is confusing."
"The tool should include a feature that helps to edit the code directly."
"I would like to see static analysis also embedded in GitLab. That would also help us. If there's something that it does internally by GitLab and then that is already tied up with your pipeline and then it can tell you that you're coding is good or your code is not great. Based on that, it would pass or fail. That should be streamlined. I would think that would help to a greater extent, in terms of having one solution rather than depending on multiple vendors."
Fortify on Demand is ranked 10th in Application Security Tools with 57 reviews while GitLab is ranked 7th in Application Security Tools with 70 reviews. Fortify on Demand is rated 8.0, while GitLab is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton. See our Fortify on Demand vs. GitLab report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.