We performed a comparison between Fortify on Demand and GitHub Advanced Security based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"Fortify on Demand can be scaled very easily."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira."
"The vulnerability detection and scanning are awesome features."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"Dependency scanning is a valuable feature."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"The most valuable is the developer experience and the extensibility of the overall ecosystem."
"Micro Focus Fortify on Demand can improve by having more graphs. For example, to show the improvement of the level of security."
"There are many false positives identified by the solution."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"There is room for improvement in the integration process."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"There could be DST features included in the product."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"The report limitations are the main issue."
"A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial."
"The customizations are a little bit difficult."
"There could be a centralized dashboard to view reports of all the projects on one platform."
Fortify on Demand is ranked 10th in Application Security Tools with 56 reviews while GitHub Advanced Security is ranked 14th in Application Security Tools with 6 reviews. Fortify on Demand is rated 8.0, while GitHub Advanced Security is rated 9.0. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitHub Advanced Security writes "A tool that provides ease of integration with the set of existing codes in an infrastructure". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify Software Security Center, whereas GitHub Advanced Security is most compared with SonarQube, Snyk, Veracode, Checkmarx One and GitLab. See our Fortify on Demand vs. GitHub Advanced Security report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
