We performed a comparison between Fortify on Demand and GitHub based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."t's a cloud-based solution, so there was no installation involved."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"The solution is very fast."
"Fortify on Demand is easy to use and the reporting is good."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"The most valuable features are the detailed reporting and the ability to set up deep scanning of the software, both of which are in the same place."
"The user interface is good."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"The learning curve is small."
"GitHub provides the SFH key to protect our passwords and connection."
"The code versioning is excellent, and having a detailed log, including every change made to the code by every developer, is invaluable. It makes it so that if there is a bug or problem in the product channel, we can find exactly where it happened and how to fix it."
"This product is very good for storing and versioning code."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"It has a lot of features from the code development perspective. You get a lot of features such as repo, commit, merge, and branch. You can play around and do things on the fly. It is easy and simple to deploy. It is also easier to use when working from home."
"We use GitHub as a repository."
"We use GitHub instead of our regular shared drive. It offers instant access to shared folders as well as good security."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve."
"Micro Focus Fortify on Demand can improve by having more graphs. For example, to show the improvement of the level of security."
"There are many false positives identified by the solution."
"Not fully integrated with CIT processes."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"GitHub could have better integration or capability with other solutions."
"There is a bit of a learning curve."
"Could be more user friendly."
"I think it would be valuable to have more security. Some of the data is very open to everyone."
"The GitHub repository needs an upgraded user interface and overall UI improvements."
"I would like to see more security where a plugin was available for us to update in relation to security."
"The ticketing system is not working."
"It would be better if the amount of storage were increased."
Fortify on Demand is ranked 10th in Application Security Tools with 56 reviews while GitHub is ranked 12th in Application Security Tools with 71 reviews. Fortify on Demand is rated 8.0, while GitHub is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Tenable.io Web Application Scanning, whereas GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Atlassian SourceTree and Checkmarx One. See our Fortify on Demand vs. GitHub report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.