We performed a comparison between Fortify Software Security Center and GitLab based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."This is a stable solution at the end of the day."
"You can easily download the tool's rule packs and update them."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"A user friendly solution."
"Their CI/CD engine is very mature. It's very comprehensive and flexible, and compared to other projects, I believe that GitLab is number one right now from that perspective."
"GitLab is very well-organized and easy to use. Also, it offers most features that customers need."
"We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people."
"It's a great toolbox where the CI/CD pipeline is the fundamental component, but there are so many other features that you can pull from, which makes it a very powerful tool. My current client is using AWS, and they can, of course, use AWS CodePipeline, but GitLab is much more mature than that, and it also gives you the freedom to decide to go to another platform or have a multi-cloud strategy and things like that. That freedom for me is also very valuable."
"The scalability is good."
"CI/CD and GitLab scanning are the most valuable features."
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"Fortify Software Security Center's setup is really painful."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
"We'd like to see better integration with the Atlassian ecosystem."
"The documentation is confusing."
"I would like configuration of a YML file to be done via UI rather than a code file."
"I would like more Agile features in the Premium version. The Premium version should have all Agile features that exist in the Ultimate version. IBM AOM has a complete Agile implementation, but in GitLab, you only have these features if you buy the Ultimate version. It would be good if we can use these in the Premium version."
"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc."
"It could have more security integrations and the ability to check the vulnerability of the code. I don't think it is a responsibility of Gitlab, but it would be nice to have more options to integrate with."
"The solution does not have many built-in functions or variables so scripting is required."
"Some of the scripts that we encountered in GitLab were not fully functional and threw up errors."
More Fortify Software Security Center Pricing and Cost Advice →
Fortify Software Security Center is ranked 27th in Application Security Testing (AST) with 3 reviews while GitLab is ranked 7th in Application Security Testing (AST) with 70 reviews. Fortify Software Security Center is rated 7.4, while GitLab is rated 8.6. The top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Fortify Software Security Center is most compared with Fortify on Demand, Tricentis Tosca, Fortify WebInspect and Checkmarx One, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.