We performed a comparison between Fortify on Demand and Ixia BreakingPoint based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Audit workbench: for on-the-fly defect auditing."
"The most valuable features of Micro Focus Fortify on Demand have been SAT analysis and application security."
"The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it."
"The SAST feature is the most valuable."
"The quality of application security testing reduces risk and gives very few false positives."
"We have the option to test applications with or without credentials."
"The solution is very fast."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"We use Ixia BreakingPoint for Layer 7 traffic generation. That's what we like."
"The solution has many protocols and options, making it very flexible."
"There is a virtual version of the product which is scaled to 100s of virtual testing blades."
"The DDoS testing module is useful and quick to use."
"It is a scalable solution."
"The most valuable feature of Ixia BreakingPoint is the ransomware and malware database for simulated attacks."
"I like that we can test cloud applications."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood."
"The biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
"The price could be better."
"The quality of the traffic generation could be improved with Ixia BreakingPoint, i.e. to get closer to being accurate in what a real user will do."
"The solution originally was hard to configure; I'm not sure if they've updated this to make it simpler, but if not, it's something that could be streamlined."
"They should improve UI mode packages for the users."
"The production traffic simulations are not realistic enough for some types of DDoS attacks."
"The integration could improve in Ixia BreakingPoint."
"I would appreciate some preconfigured network neighborhoods, which are predefined settings for testing networks."
Fortify on Demand is ranked 9th in Application Security Testing (AST) with 56 reviews while Ixia BreakingPoint is ranked 23rd in Application Security Testing (AST) with 8 reviews. Fortify on Demand is rated 8.0, while Ixia BreakingPoint is rated 8.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Ixia BreakingPoint writes "Works better for testing traffic, mix profile, and enrollment scenarios than other solutions". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas Ixia BreakingPoint is most compared with Spirent CyberFlood and Synopsys Defensics. See our Fortify on Demand vs. Ixia BreakingPoint report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
