We performed a comparison between Fortify on Demand and Fortify WebInspect based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are the server, scanning, and it has helped identify issues with the security analysis."
"Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much."
"There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"Provides good depth of scanning and we get good results."
"t's a cloud-based solution, so there was no installation involved."
"The solution is user-friendly."
"The installation was easy."
"We have the option to test applications with or without credentials."
"When we are integrating it with SSC, we're able to scan and trace and see all of the vulnerabilities. Comparison is easy in SSC."
"The user interface is ok and it is very simple to use."
"It is scalable and very easy to use."
"Good at scanning and finding vulnerabilities."
"The most valuable feature is the static analysis."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"The solution is easy to use."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"Not fully integrated with CIT processes."
"We have some stability issues, but they are minimal."
"It could have a little bit more streamlined installation procedure. Based on the things that I've done, it could also be a bit more automated. It is kind of taking a bunch of different scanners, and SSC is just kind of managing the results. The scanning doesn't really seem to be fully integrated into the SSC platform. More automation and any kind of integration in the SSC platform would definitely be good. There could be a way to initiate scans from SSC and more functionality on the server-side to initiate desk scans if it is not already available."
"There are many false positives identified by the solution."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"Micro Focus Fortify on Demand can improve by having more graphs. For example, to show the improvement of the level of security."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"The scanner could be better."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"Creating reports is very slow and it is something that should be improved."
"We have had a problem with authentification."
"One thing I would like to see them introduce is a cloud-based platform."
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews. Fortify on Demand is rated 8.0, while Fortify WebInspect is rated 7.0. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Snyk, whereas Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Acunetix, OWASP Zap, HCL AppScan and Qualys Web Application Scanning. See our Fortify WebInspect vs. Fortify on Demand report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.