We performed a comparison between Fortify on Demand and Fortify Software Security Center based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST).
"Fortify on Demand can be scaled very easily."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"The feature that I find the most useful is being able to just see the vulnerabilities online while checking the code and then checking suggestions for fixing them."
"Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and vulnerabilities in our code is very helpful. We are able to do static and dynamic code scanning."
"It helps deploy and track changes easily as per time-to-time market upgrades."
"What stands out to me is the user-friendliness of each feature."
"We have the option to test applications with or without credentials."
"We identified a lot of security vulnerability much earlier in the development and could fix this well before the product was rolled out to a huge number of clients."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"You can easily download the tool's rule packs and update them."
"This is a stable solution at the end of the day."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
"There is room for improvement in the integration process."
"The biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"Fortify on Demand could be improved with support in Russia."
"It could have a little bit more streamlined installation procedure. Based on the things that I've done, it could also be a bit more automated. It is kind of taking a bunch of different scanners, and SSC is just kind of managing the results. The scanning doesn't really seem to be fully integrated into the SSC platform. More automation and any kind of integration in the SSC platform would definitely be good. There could be a way to initiate scans from SSC and more functionality on the server-side to initiate desk scans if it is not already available."
"The UI could be better. Fortify should also suggest new packages in the product that can be upgraded. Currently, it shows that, but it's not visible enough. In future versions, I would like more insights about the types of vulnerabilities and the pages associated with the exact CVE."
"They have very good support, but there is always room for improvement."
"Fortify Software Security Center's setup is really painful."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
More Fortify Software Security Center Pricing and Cost Advice →
Fortify on Demand is ranked 9th in Application Security Testing (AST) with 56 reviews while Fortify Software Security Center is ranked 27th in Application Security Testing (AST) with 3 reviews. Fortify on Demand is rated 8.0, while Fortify Software Security Center is rated 7.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Sonatype Lifecycle, whereas Fortify Software Security Center is most compared with Tricentis Tosca and Fortify WebInspect.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
