Fortify WebInspect Review

Easy to use and has good cost/value


What is our primary use case?

We use WebInspect for dynamic application security testing, and integrating that into all our needs.

What is most valuable?

In terms of its most valuable features, it is scalable and very easy to use.

What needs improvement?

Right now, it's kind of bulky. There are a lot of newer generation tools coming out that are easier.

Also, when it comes to the installation and deployment, they inspect the enterprise. It was ok with the scale, but still I think they can make it a little lighter in nature.

For how long have I used the solution?

I have been using WebInspect for around six, seven years.

What do I think about the stability of the solution?

It's quite a stable product.

What do I think about the scalability of the solution?

WebInspect is a scalable product. We have users in the double digits, around 10-15 users. At any time there are a couple of project users, so I would say around eight to ten.

We require one person maximum for deployment and maintenance.

How are customer service and technical support?

I have been satisfied with my experience with the customer support.

Which solution did I use previously and why did I switch?

I previously used AppScan. We switched due to an overall change in our organization in Azure. IBM sold this to HCL so there is no IBM grant attached to it.

How was the initial setup?

The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex.

The first time we deployed it, it really took awhile because of some issues on our side and on their side. Installation can last for more than three days.

What about the implementation team?

Our team implemented it along with some of the other professional departments.

Which other solutions did I evaluate?

We did evaluate AppScan for this task. Both solutions are good. We also evaluated Oracle of course, but it is purely a SaaS solution and that's the reason it was not considered.

What other advice do I have?

Yes, I would recommend WebInspect. It is a good product, comparable to AppScan. It is quite scalable, and good cost/value with the support and backing from Micro Focus. It's good and I definitely recommend it.

On a scale of one to ten, I would give it an eight.

Which deployment model are you using for this solution?

On-premises
**Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
More Fortify WebInspect reviews from users
...who compared it with Acunetix by Invicti
Find out what your peers are saying about Micro Focus, HCL, PortSwigger and others in Application Security Testing (AST). Updated: September 2021.
535,544 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest