WebInspect Review

Good static code analysis helps to discover vulnerabilities


What is our primary use case?

I am using WebInspect for finding vulnerabilities.

What is most valuable?

The most valuable feature is the static analysis.

What needs improvement?

Creating reports is very slow and it is something that should be improved.

In the future, I would like to see better integration between static analysis and dynamic analysis.

For how long have I used the solution?

I have been working with WebInspect for one year.

What do I think about the stability of the solution?

We have never had a problem with stability.

What do I think about the scalability of the solution?

This is a scalable solution. I performed an analysis of more than five million rows and it took perhaps three hours.

How are customer service and technical support?

Technical support is a bit slow, as sometimes it takes too long to get responses. However, the support is good because our problem was fixed after just one interaction with them.

Which solution did I use previously and why did I switch?

Prior to using WebInspect, I was using SonarQube. The problem with SonarQube is that they are not very good at analyzing ASP.NET applications, so I gave up on it.

What's my experience with pricing, setup cost, and licensing?

The pricing is not clear and while it is not high, it is difficult to understand.

What other advice do I have?

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More WebInspect reviews from users
...who compared it with HCL AppScan
Add a Comment
Guest
1 Comment

author avatarHansEnders (Micro Focus)
Vendor

I believe the reviewer or the forum organizer has posted this review in the wrong area, or confused Fortify's WebInspect product (DAST) with their Static Code Analyzer ("Fortify SCA") product (SCA).

+++++++++
Fortify general: https://www.microfocus.com/en-us/solutions/application-security" target="_blank">https://www.microfocus.com/en-us/solutions/application-security

SCA: https://www.microfocus.com/en-us/products/static-code-analysis-sast/overview" target="_blank">https://www.microfocus.com/en-us/products/static-code-analysis-sast/overview

WebInspect: https://www.microfocus.com/en-us/products/webinspect-dynamic-analysis-dast/overview" target="_blank">https://www.microfocus.com/en-us/products/webinspect-dynamic-analysis-dast/overview