We performed a comparison between Fortify on Demand and Fortify Software Security Center based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."The static code analyzers are the most valuable features of this solution."
"Audit workbench: for on-the-fly defect auditing."
"I do not remember any issues with stability."
"The most valuable features are the detailed reporting and the ability to set up deep scanning of the software, both of which are in the same place."
"Fortify on Demand is easy to use and the reporting is good."
"The vulnerability detection and scanning are awesome features."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"You can easily download the tool's rule packs and update them."
"This is a stable solution at the end of the day."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"The products must provide better integration with build tools."
"The biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
"It does scanning for all virtual machines and other things, but it doesn't do the scanning for containers. It currently lacks the ability to do the scanning on containers. We're asking their product management team to expand this capability to containers."
"The technical support is actually a problem that needs to be addressed. Since the acquisition and merger with Hewlett Packard, it has been really hard to know who the technical or salesperson to talk to."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
"Fortify Software Security Center's setup is really painful."
More Fortify Software Security Center Pricing and Cost Advice →
Fortify on Demand is ranked 9th in Application Security Testing (AST) with 56 reviews while Fortify Software Security Center is ranked 27th in Application Security Testing (AST) with 3 reviews. Fortify on Demand is rated 8.0, while Fortify Software Security Center is rated 7.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Sonatype Lifecycle, whereas Fortify Software Security Center is most compared with Tricentis Tosca, Fortify WebInspect and Checkmarx One.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.