Micro Focus Fortify on Demand Review

It addresses the source code scanning and dynamic scanning in a known, correlated way.


Valuable Features

It's one of the leaders in the application security space. I've used Fortify since 2007, and I think the most valuable feature is its ability to address the source code scanning and dynamic scanning in a known, correlated way. I think the best way to address application security is to have multiple types of scanning and a unified view for the customer.

Improvements to My Organization

It's forced the incorporation of security in the development process. That's really the biggest benefit for us.

Room for Improvement

It could use better integration with the incident management processor. This would allow us to understand the vulnerabilities that arise in the software and how they're linked to the incident management center.

Deployment Issues

The deployment has not had issues.

Stability Issues

It is a quite stable solution.

Scalability Issues

It's quite scalable and addresses a huge volume.

Customer Service and Technical Support

It's good, but could be better to align with other main vendors, such as IBM.

Initial Setup

It's not straightforward, but it's not complex either. It could also be improved.

Other Solutions Considered

I'm very familiar with IBM and Barracuda and others. I always know HP's competition, but I feel most comfortable with HP.

Other Advice

My advice would be to look not only at the software, but also at the processor and the people who will be using the software. You should buy not just the software, but also the services to train people to use it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
Fortify Business Development at a tech vendor with 10,001+ employeesVendor

In terms of integration with SIM/SIEM solution, what do you use?

05 January 16
Guest
Sign Up with Email