We performed a comparison between Fortify on Demand and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It helps deploy and track changes easily as per time-to-time market upgrades."
"It is a very easy tool for developers to use in parallel while they're doing the coding. It does auto scanning as we are progressing with the CI/CD pipeline. It has got very simple and efficient API support."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"The most valuable features of Micro Focus Fortify on Demand have been SAT analysis and application security."
"The vulnerability detection and scanning are awesome features."
"The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it."
"Provides good depth of scanning and we get good results."
"Speed and efficiency are great features."
"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"The solution has an established roadmap that lays out its plans for upgrades over the next two to three years."
"The most valuable features of GitLab are the CI/CD pipeline and code management."
"This product is always evolving, and they listen to the customers."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"The solution makes the CI/CD pipelines easy to execute."
"I like that it's easy to deploy our services over GitLab. The customer support is also good with a really active community. You have a lot of support that you can get online with your stack. That is probably one of the benefits of using GitLab. It's also really fast."
"It is very flexible and easy because you can store data on cloud."
"They could provide features for artificial intelligence similar to other vendors."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"Micro Focus Fortify on Demand can improve by having more graphs. For example, to show the improvement of the level of security."
"Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
"We would like to generate document pages from the sources."
"GitLab can improve the integration with third-party applications. It could be made easier. Additionally, having API control from my application could be helpful."
"The solution should be more cloud-native and have more cloud-native capabilities and features."
"GitLab could consider introducing a code-scanning tool. Purchasing such tools from external markets can incur charges, which might not be favorable. Integrating these features into GitLab would streamline the pipeline and make it more convenient for users."
"I would like to have some features to support peer review."
"It should be used by a larger number of people. They should raise awareness."
"Expand features to match other tools such as a static code analysis tool so third-party integrations are not required."
"The documentation could be improved to help newcomers better understand things like creating new branches."
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while GitLab is ranked 7th in Application Security Tools with 70 reviews. Fortify on Demand is rated 8.0, while GitLab is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton. See our Fortify on Demand vs. GitLab report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
