We performed a comparison between Fortify on Demand and GitHub Advanced Security based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The scanning capabilities, particularly for our repositories, have been invaluable."
"It improves future security scans."
"The installation was easy."
"The most valuable features of Micro Focus Fortify on Demand have been SAT analysis and application security."
"The static code analyzers are the most valuable features of this solution."
"The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira."
"t's a cloud-based solution, so there was no installation involved."
"The most valuable features are the detailed reporting and the ability to set up deep scanning of the software, both of which are in the same place."
"Dependency scanning is a valuable feature."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"The most valuable is the developer experience and the extensibility of the overall ecosystem."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"They have very good support, but there is always room for improvement."
"The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools."
"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"There could be a centralized dashboard to view reports of all the projects on one platform."
"The customizations are a little bit difficult."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"The report limitations are the main issue."
"There could be DST features included in the product."
"A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial."
Fortify on Demand is ranked 10th in Application Security Tools with 56 reviews while GitHub Advanced Security is ranked 14th in Application Security Tools with 6 reviews. Fortify on Demand is rated 8.0, while GitHub Advanced Security is rated 9.0. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitHub Advanced Security writes "A tool that provides ease of integration with the set of existing codes in an infrastructure". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify Software Security Center, whereas GitHub Advanced Security is most compared with SonarQube, Snyk, Veracode, Checkmarx One and GitLab. See our Fortify on Demand vs. GitHub Advanced Security report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.