Micro Focus Fortify on Demand Review

It's reduced operational costs as we minimized security incidents and ensured all vulnerabilities are remediated during the development lifecycle.


Valuable Features

It's saved us a lot of time as we focus primarily on security consultancy work rather than tool operational work.

Also, the features SAST, DAST, Dashboard/Reports, Fortify on Demand Portal and Vulnerability Tracking, have all helped with our work.

Finally, it's reduced operational costs as we minimized security incidents and ensured all vulnerabilities are remediated during the development lifecycle.

Improvements to My Organization

The results it provides are more than 95% accurate, helping us to focus on the right things first.

Our new software procurement process benefited as well as we use this as a central control to provide security assurance and evaluate the quality of our deliverables.

Its ease-of-use has influenced developer behavior and enabled them to follow security principles.

Room for Improvement

It would be useful if they could integrate secure design reviews, security user stories in Fortify on Demand Portal, and also look for possible options to get just one view of risks for given services (Covering Application, Infrastructure, Pen. Test, etc.).

Use of Solution

I’ve used it since 2010.

Deployment Issues

We've had no issues with deployment.

Stability Issues

It’s a very stable product. We've had no issues with instability.

Scalability Issues

It’s scaled for our needs. We've had no issues with un-scalability.

Customer Service and Technical Support

Customer Service:

Customer service is excellent.

Technical Support:

The technical support is very good.

Previous Solutions

We've used various other tools, including the Fortify on-premise solution. We chose Fortify on Demand as it is cost effective, scalable, easy to deploy, and helps us to manage our vulnerabilities centrally.

Initial Setup

The initial setup was very easy and straightforward. We were able to roll out this service to all our business units.

Implementation Team

We performed the installation in-house.

Pricing, Setup Cost and Licensing

There is no setup cost as it is an on-demand solution. However, if there is any firewall change required for an internal application, we would need to raise that from our end.

Other Solutions Considered

We considered SonarQube, MSFox, and CodeInspect.

Other Advice

Fully utilize this product and its feature as it covers almost everything required for software security assurance.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Guest

Sign Up with Email