What is our primary use case?
When choosing a software security product, we expect the product not only has the ability to find exploits, but also has educational and instructional capabilities related to exploits. This makes both the security auditor's job easier and helps the software developer to improve himself and write safer code. Here we have seen that the Micro Focus family has exactly what we want. For this reason, we chose Micro Focus software security products. In addition, the quality of the support and updating services ensures that we gain confidence in their products.
How has it helped my organization?
In large software development teams, the most important issue related to software and application security is to identify vulnerabilities and weaknesses quickly and accurately, then to gather those findings on a common platform so they can be distributed and tracked by teams and developers.
Micro Focus WebInspect and Fortify code analysis tools are fully integrated with SSC portals and can instantly register to error tracking systems, like TFS and JIRA. This facilitates error and vulnerability management and makes the "Secure Software Development Lifecycle" work well.
What is most valuable?
The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product). It also allows for more efficient and custom integration by allowing customized enhancements through the API support offered through the SSC portal.
What needs improvement?
Though it is generally close to perfection, the biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility. Since there are different templates on TFS in particular (CMMI, Agile etc.), the configuration for different templates can also be customized with the flexibility to be provided here.
For how long have I used the solution?
One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jan 16 2018