We performed a comparison between Fortify on Demand and Fortify WebInspect based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"The solution is very fast."
"Fortify on Demand can be scaled very easily."
"The SAST feature is the most valuable."
"The installation was easy."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"The solution is easy to use."
"Technical support has been good."
"The solution's technical support was very helpful."
"It's a well-known platform for doing dynamic application scanning."
"The user interface is ok and it is very simple to use."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve."
"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues."
"We have some stability issues, but they are minimal."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
"A localized version, for example, in Korean would be a big improvement to this solution."
"We have had a problem with authentification."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"Not sufficiently compatible with some of our systems."
"Lately, we've seen more false negatives."
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews. Fortify on Demand is rated 8.0, while Fortify WebInspect is rated 7.0. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Snyk, whereas Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Acunetix, OWASP Zap, HCL AppScan and Qualys Web Application Scanning. See our Fortify WebInspect vs. Fortify on Demand report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.