We performed a comparison between Fortify on Demand and GitHub based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What stands out to me is the user-friendliness of each feature."
"The static code analyzers are the most valuable features of this solution."
"The vulnerability detection and scanning are awesome features."
"The SAST feature is the most valuable."
"Fortify on Demand is easy to use and the reporting is good."
"Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases."
"The scanning capabilities, particularly for our repositories, have been invaluable."
"The installation was easy."
"The deployment is fast since we just have to run the script, and once it's done, it takes a few minutes."
"The most valuable features are GitHub are the standard features, they are very useful."
"The product's initial setup phase is easy but it is always good to connect with GitHub's team that manages APIs."
"I like the CI/CD features."
"I have found GitHub stable."
"The flexibility of this solution has been most valuable. It operates on a pay per use basis where you can ramp up or decrease usage."
"The product helps our team collaborate across different locations."
"The initial setup was straightforward."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"It does scanning for all virtual machines and other things, but it doesn't do the scanning for containers. It currently lacks the ability to do the scanning on containers. We're asking their product management team to expand this capability to containers."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"They could provide features for artificial intelligence similar to other vendors."
"It is currently only from the development perspective. It doesn't have features related to project management and testing. It is not like Azure. So, there is a lot of room for improvement. It is a version control product, and it would be good if they can come up with a complete DevOps product."
"There can be conflict issues when two developers work on the same file or line of code, and it would be great to see that improved, possibly with an AI solution."
"It would be better if the amount of storage were increased."
"The support team needs to have a well-defined SLA model since it is an area where the tool currently has some shortcomings."
"The merging features can be improved."
"There is a bit of a learning curve."
"The security point should be addressed in the next release and scaling is also an issue."
"There is a bit of a learning curve."
Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews while GitHub is ranked 9th in Application Security Tools with 74 reviews. Fortify on Demand is rated 8.0, while GitHub is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and GitHub Advanced Security, whereas GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Atlassian SourceTree and Checkmarx One. See our Fortify on Demand vs. GitHub report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.