It's saved us a lot of time as we focus primarily on security consultancy work rather than tool operational work.
Also, the features SAST, DAST, Dashboard/Reports, Fortify on Demand Portal and Vulnerability Tracking, have all helped with our work.
Finally, it's reduced operational costs as we minimized security incidents and ensured all vulnerabilities are remediated during the development lifecycle.
Improvements to My Organization
The results it provides are more than 95% accurate, helping us to focus on the right things first.
Our new software procurement process benefited as well as we use this as a central control to provide security assurance and evaluate the quality of our deliverables.
Its ease-of-use has influenced developer behavior and enabled them to follow security principles.
Room for Improvement
It would be useful if they could integrate secure design reviews, security user stories in Fortify on Demand Portal, and also look for possible options to get just one view of risks for given services (Covering Application, Infrastructure, Pen. Test, etc.).
Use of Solution
We've had no issues with deployment.
It’s a very stable product. We've had no issues with instability.
It’s scaled for our needs. We've had no issues with un-scalability.
Customer Service and Technical Support
Customer service is excellent. Technical Support
The technical support is very good.
We've used various other tools, including the Fortify on-premise solution. We chose Fortify on Demand as it is cost effective, scalable, easy to deploy, and helps us to manage our vulnerabilities centrally.
The initial setup was very easy and straightforward. We were able to roll out this service to all our business units.
We performed the installation in-house.
Pricing, Setup Cost and Licensing
There is no setup cost as it is an on-demand solution. However, if there is any firewall change required for an internal application, we would need to raise that from our end.
Other Solutions Considered
We considered SonarQube, MSFox, and CodeInspect.
Fully utilize this product and its feature as it covers almost everything required for software security assurance.
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
May 15 2016