Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Used for controlling the technical debt and code quality.
It supports most programming languages.
Fortify on Demand is easy to use and the reporting is good.
The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira.
This product is top-notch solution and the technology is the best on the market.
t's a cloud-based solution, so there was no installation involved.
The static code analyzers are the most valuable features of this solution.
The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it.
I do not remember any issues with stability.
The licensing was good.
It has very few plugins to access different code repositories, so source code has to be fed.
Implementation could be made more simpler as it is complex.
The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood.
This solution would be improved if the code-quality perspective were added to it, on top of the security aspect.
The technical support is actually a problem that needs to be addressed. Since the acquisition and merger with Hewlett Packard, it has been really hard to know who the technical or salesperson to talk to.
The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed.
The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment.
Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse.
There were some regulated compliances, which were not there.
Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues.
Pricing and Cost Advice
Information Not Available
The pricing can be improved because it is complex when compared to the competition.
It's a yearly contract, but I don't remember the dollar amount.
The licensing was good because the licenses have the heavy centralized server.
The subscription model, on a per-scan basis, is a bit expensive. That's another reason we are not using it for all the apps.
out of 5 in Software Development Analytics
Average Words per Review
out of 41 in Application Security
Average Words per Review
Compared 74% of the time.
Compared 7% of the time.
Compared 6% of the time.
Compared 39% of the time.
Compared 18% of the time.
Compared 17% of the time.
Also Known As
|CAST AIP||Fortify on Demand|
CAST Application Intelligence Platform (AIP), a result of over $130M in R&D investment over two decades, is an enterprise-grade software measurement and quality analysis solution designed to analyze multi-tiered, multi-technology applications for technical vulnerabilities and adherence to architectural and coding standards and then provide business relevant information to the IT organization through various dashboards and products built with end users in mind.
CAST’s underlying system-level analysis technology assesses both the health of an application, as measured through, as well as specific structural and system-level defects that drive performance and stability issues providing true .
Micro Focus Fortify on Demand’s application security-as-a-service is the easy and flexible way to identify vulnerabilities in your applications without additional investment in software or personnel. Allow our global team to work for you, providing support and technical expertise 24/7.
Learn more about CAST Application Intelligence Platform
Learn more about Micro Focus Fortify on Demand
|Steria, T-Systems MMS, Atos Origin, Accenture, Capgemini||SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.|
Software R&D Company44%
Comms Service Provider11%
Financial Services Firm42%
Software R&D Company8%
Software R&D Company41%
Comms Service Provider12%
Financial Services Firm7%