We performed a comparison between Contrast Security Protect and Fortify on Demand based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product gives a few false positives. We get 99 percent true positives."
"Protect provides us with more in-depth visibility into ongoing attacks."
"The solution has excellent real-time capabilities."
"It is a very easy tool for developers to use in parallel while they're doing the coding. It does auto scanning as we are progressing with the CI/CD pipeline. It has got very simple and efficient API support."
"It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much."
"The user interface is good."
"The most valuable features are the server, scanning, and it has helped identify issues with the security analysis."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"This product is top-notch solution and the technology is the best on the market."
"Contrast Security Protect needs to improve integration."
"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
"There's room for improvement in the initial setup."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues."
"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"Fortify on Demand could be improved with support in Russia."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
Contrast Security Protect is ranked 33rd in Application Security Tools with 3 reviews while Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews. Contrast Security Protect is rated 8.4, while Fortify on Demand is rated 8.0. The top reviewer of Contrast Security Protect writes "It provides us with more in-depth visibility into ongoing attacks". On the other hand, the top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". Contrast Security Protect is most compared with SonarQube, Snyk, Tenable.io Web Application Scanning and Sonatype Lifecycle, whereas Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect. See our Contrast Security Protect vs. Fortify on Demand report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.