We performed a comparison between Fortify on Demand and ShiftLeft based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"Being able to reduce risk overall is a very valuable feature for us."
"The user interface is good."
"The solution saves us a lot of money. We're trying to reduce exposure and costs related to remediation."
"We have the option to test applications with or without credentials."
"It's a stable and scalable solution."
"The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it."
"There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"When it comes to ShiftLeft, the most valuable feature is definitely its ease of use and cost-effectiveness."
"They could provide features for artificial intelligence similar to other vendors."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"Fortify on Demand could be improved with support in Russia."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"There is room for improvement in the integration process."
"Having support from senior management is crucial in making it mandatory for teams to collaborate with the security team throughout the development process."
Fortify on Demand is ranked 10th in Application Security Tools with 56 reviews while ShiftLeft is ranked 26th in Application Security Tools with 1 review. Fortify on Demand is rated 8.0, while ShiftLeft is rated 10.0. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of ShiftLeft writes "Effectively in identify and fix bugs early in the development lifecycle". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas ShiftLeft is most compared with SonarQube, Black Duck and Semgrep Supply Chain.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.