We performed a comparison between Fortify WebInspect and GitLab based on real PeerSpot user reviews.
Find out in this report how the two DevSecOps solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"The most valuable feature is the static analysis."
"The solution is easy to use."
"It's a well-known platform for doing dynamic application scanning."
"The accuracy of its scans is great."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"Git hosting has an integration with ACD which is why we liked this solution in the first place."
"GitLab's best features are maintenance, branch integration, and development infrastructure."
"The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"The stability is good."
"Their CI/CD engine is very mature. It's very comprehensive and flexible, and compared to other projects, I believe that GitLab is number one right now from that perspective."
"Of all available products, it was the easiest to use and easy to install."
"It is very useful for reviews. We are using branch merging operations and full reset operations. It is also very useful for merging our code and tracking another branch. The graph diagrams of Git are very useful. Its interface is straightforward and not too complex for us."
"One thing I would like to see them introduce is a cloud-based platform."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"A localized version, for example, in Korean would be a big improvement to this solution."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"We have often encountered scanning errors."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"Creating reports is very slow and it is something that should be improved."
"Lately, we've seen more false negatives."
"We would like to have easier tutorials. Their tutorials are too technical for a user to understand. They should be more detailed but less technical."
"This solution could be improved by adding modifications such as slack notifications."
"The integration and storage capabilities could be better."
"The integration could be slightly better."
"The user interface could be more user-friendly. We do most of our operations through the website interface but it could be better."
"We have only seen a couple of issues on Gitlab, which we use for building some of the applications."
"There is room for improvement in GitLab Agents."
"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."
Fortify WebInspect is ranked 7th in DevSecOps with 17 reviews while GitLab is ranked 2nd in DevSecOps with 70 reviews. Fortify WebInspect is rated 7.0, while GitLab is rated 8.6. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Fortify on Demand, Acunetix, OWASP Zap and Aqua Cloud Security Platform, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton. See our Fortify WebInspect vs. GitLab report.
See our list of best DevSecOps vendors.
We monitor all DevSecOps reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.