We performed a comparison between Fortify on Demand and Ixia BreakingPoint based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Being able to reduce risk overall is a very valuable feature for us."
"We have the option to test applications with or without credentials."
"The user interface is good."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"What stands out to me is the user-friendliness of each feature."
"The most valuable features of Micro Focus Fortify on Demand have been SAT analysis and application security."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"We use Ixia BreakingPoint for Layer 7 traffic generation. That's what we like."
"It is a scalable solution."
"The solution has many protocols and options, making it very flexible."
"The most valuable feature of Ixia BreakingPoint is the ransomware and malware database for simulated attacks."
"There is a virtual version of the product which is scaled to 100s of virtual testing blades."
"I like that we can test cloud applications."
"The DDoS testing module is useful and quick to use."
"There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes."
"It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
"Takes up a lot of resources which can slow things down."
"Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"I would appreciate some preconfigured network neighborhoods, which are predefined settings for testing networks."
"The integration could improve in Ixia BreakingPoint."
"They should improve UI mode packages for the users."
"The production traffic simulations are not realistic enough for some types of DDoS attacks."
"The price could be better."
"The solution originally was hard to configure; I'm not sure if they've updated this to make it simpler, but if not, it's something that could be streamlined."
"The quality of the traffic generation could be improved with Ixia BreakingPoint, i.e. to get closer to being accurate in what a real user will do."
Fortify on Demand is ranked 9th in Application Security Testing (AST) with 56 reviews while Ixia BreakingPoint is ranked 23rd in Application Security Testing (AST) with 8 reviews. Fortify on Demand is rated 8.0, while Ixia BreakingPoint is rated 8.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Ixia BreakingPoint writes "Works better for testing traffic, mix profile, and enrollment scenarios than other solutions". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas Ixia BreakingPoint is most compared with Spirent CyberFlood and Synopsys Defensics. See our Fortify on Demand vs. Ixia BreakingPoint report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
