We performed a comparison between Fortify on Demand and Trustwave App Scanner [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."Fortify on Demand is easy to use and the reporting is good."
"Speed and efficiency are great features."
"What stands out to me is the user-friendliness of each feature."
"It helps deploy and track changes easily as per time-to-time market upgrades."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"The user interface is good."
"There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"The stability is great. We haven't had any issues at all with it."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse."
"They have very good support, but there is always room for improvement."
"Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
"I would like to see a little more flexibility with regards to setting up profiles for vulnerabilities."
Earn 20 points
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Trustwave App Scanner [EOL] doesn't meet the minimum requirements to be ranked in Application Security Tools. Fortify on Demand is rated 8.0, while Trustwave App Scanner [EOL] is rated 7.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Trustwave App Scanner [EOL] writes "It helps us troubleshoot failed scans and incomplete statuses". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas Trustwave App Scanner [EOL] is most compared with .
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.