Micro Focus Fortify on Demand Review

It addresses the source code scanning and dynamic scanning in a known, correlated way.

Valuable Features

It's one of the leaders in the application security space. I've used Fortify since 2007, and I think the most valuable feature is its ability to address the source code scanning and dynamic scanning in a known, correlated way. I think the best way to address application security is to have multiple types of scanning and a unified view for the customer.

Improvements to My Organization

It's forced the incorporation of security in the development process. That's really the biggest benefit for us.

Room for Improvement

It could use better integration with the incident management processor. This would allow us to understand the vulnerabilities that arise in the software and how they're linked to the incident management center.

Deployment Issues

The deployment has not had issues.

Stability Issues

It is a quite stable solution.

Scalability Issues

It's quite scalable and addresses a huge volume.

Customer Service and Technical Support

It's good, but could be better to align with other main vendors, such as IBM.

Initial Setup

It's not straightforward, but it's not complex either. It could also be improved.

Other Solutions Considered

I'm very familiar with IBM and Barracuda and others. I always know HP's competition, but I feel most comfortable with HP.

Other Advice

My advice would be to look not only at the software, but also at the processor and the people who will be using the software. You should buy not just the software, but also the services to train people to use it.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Micro Focus Fortify on Demand reviews from users
...who work at a Financial Services Firm
...at Large Enterprises
...who compared it with SonarQube
Free Report: Micro Focus Fortify on Demand Reviews and More
Learn what your peers think about Micro Focus Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
Download now
476,483 professionals have used our research since 2012.
Add a Comment
Guest
1 Comment
author avatarit_user310152 (Fortify Business Development at a tech vendor with 10,001+ employees)
Vendor

In terms of integration with SIM/SIEM solution, what do you use?

Reply Like (0)
Author
Highlights
The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it.
The static code analyzers are the most valuable features of this solution.
t's a cloud-based solution, so there was no installation involved.
This product is top-notch solution and the technology is the best on the market.
The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira.
Fortify on Demand is easy to use and the reporting is good.
The feature that I find the most useful is being able to just see the vulnerabilities online while checking the code and then checking suggestions for fixing them.
See more »
Buyer's Guide
Download our free Micro Focus Fortify on Demand Report and get advice and tips from experienced pros sharing their opinions.
Download Now
Quick Links
Learn More: Questions: