We primarily use the solution for web applications and tests.
Fortify WebInspect Review
Easy to use with a simple deployment and good documentation
Oct 29 2020
What is our primary use case?
How has it helped my organization?
It helped us much as it's a really good automated scanner with nice number of checks.
What is most valuable?
The solution is easy to use.
The initial setup is pretty straightforward and the deployment is quick.
The solution has good documentation.
The product is a good option for enterprise-level organizations.
What needs improvement?
The scanner could be better.
The out of bounds channel is missing and it makes it hard to nail down the vulnerabilities.
For how long have I used the solution?
I hadn't been working with the solution for very long; I worked with it at my last company.
What do I think about the stability of the solution?
The first time we ran the module, it was okay, however, the next time we ran it, it almost crashed. For example, when I started the proxy, I tried to create some traffic from the application and nothing happened, but then, after that, everything began to hang. I'm not sure if this was an issue with a particular version or not. I'm not sure if it was some sort of bug.
How are customer service and technical support?
Typically, if I have an issue, I contact my internal support team. They may directly contact technical support. However, I have not done so myself. Therefore, I can't speak to their responsiveness or knowledge levels.
Which solution did I use previously and why did I switch?
I've used PortSwigger in the past, and it was a pretty good product as well.
How was the initial setup?
The initial setup is not complex. It's pretty straightforward. You just have to download it to the Microsoft server and you're done.
The total deployment may take an hour, or, at maximum, two.
What about the implementation team?
I handled the implementation myself.
Which other solutions did I evaluate?
We used Acunetix and Netsparker with Burp Suite.
What other advice do I have?
We're just customers. We don't have a business relationship with the company.
I would recommend WebInspect to enterprise-level organizations. to use. For a smaller company, I'd recommend something more automated. WebInspect has far more manual work, however, it does have good documentation.
Overall, I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Fortify WebInspect reviews from users...at Large Enterprises
...who compared it with Acunetix Vulnerability Scanner
Find out what your peers are saying about Micro Focus, HCL, PortSwigger and others in Application Security Testing (AST). Updated: February 2021.
465,623 professionals have used our research since 2012.
Author
IvanBiagi
Security Engineer at Secure Network
Real User
Top 5Highlights
Pros
The solution is easy to use.
Cons
The scanner could be better.
Product Categories
Application Security Testing (AST)Popular Comparisons
OWASP Zap
Micro Focus Fortify on Demand
PortSwigger Burp
HCL AppScan
Acunetix Vulnerability Scanner
Veracode
Qualys Web Application Scanning
Netsparker Web Application Security Scanner
Checkmarx
Rapid7 AppSpider
WhiteHat Sentinel
Contrast Security Assess
Rapid7 InsightAppSec
Buyer's Guide
Download our free Application Security Testing (AST) Report and find out what your peers are saying about Micro Focus, HCL, PortSwigger, and more!
Quick Links
Learn More: Questions: