We performed a comparison between Fortify on Demand and Polyspace Code Prover based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Speed and efficiency are great features."
"The feature that I find the most useful is being able to just see the vulnerabilities online while checking the code and then checking suggestions for fixing them."
"We identified a lot of security vulnerability much earlier in the development and could fix this well before the product was rolled out to a huge number of clients."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"We have the option to test applications with or without credentials."
"t's a cloud-based solution, so there was no installation involved."
"Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much."
"The licensing was good."
"Polyspace Code Prover is a very user-friendly tool."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"The product detects memory corruptions."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"The outputs are very reliable."
"It does scanning for all virtual machines and other things, but it doesn't do the scanning for containers. It currently lacks the ability to do the scanning on containers. We're asking their product management team to expand this capability to containers."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"Takes up a lot of resources which can slow things down."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"The technical support is actually a problem that needs to be addressed. Since the acquisition and merger with Hewlett Packard, it has been really hard to know who the technical or salesperson to talk to."
"There is room for improvement in the integration process."
"Reporting could be improved."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
"I'd like the data to be taken from any format."
"One of the main disadvantages is the time it takes to initiate the first run."
"Automation could be a challenge."
"The tool has some stability issues."
"Using Code Prover on large applications crashes sometimes."
Fortify on Demand is ranked 10th in Application Security Tools with 56 reviews while Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews. Fortify on Demand is rated 8.0, while Polyspace Code Prover is rated 7.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Polyspace Code Prover is most compared with SonarQube, Coverity, Klocwork and CodeSonar. See our Fortify on Demand vs. Polyspace Code Prover report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.