We performed a comparison between Fortify on Demand and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"The user interface is good."
"The most valuable features of Micro Focus Fortify on Demand have been SAT analysis and application security."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"The SAST feature is the most valuable."
"Speed and efficiency are great features."
"Fortify on Demand can be scaled very easily."
"It improves future security scans."
"The most attractive feature was the reporting review tool. The reporting review was very impressive and produced very fruitful reports."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"It correctly parses DOM and JS and has really good support for URL Rewrite rules, which is important for today's websites."
"Invicti's best feature is the ability to identify vulnerabilities and manually verify them."
"The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team."
"Fortify on Demand could be improved with support in Russia."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"There were some regulated compliances, which were not there."
"Micro Focus Fortify on Demand could improve the reports. They could benefit from being more user-friendly and intuitive."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
"The custom attack preparation screen might be improved."
"Reporting should be improved. The reporting options should be made better for end-users. Currently, it is possible, but it's not the best. Being able to choose what I want to see in my reports rather than being given prefixed information would make my life easier. I had to depend on the API for getting the content that I wanted. If they could fix the reporting feature to make it more comprehensive and user-friendly, it would help a lot of end-users. Everything else was good about this product."
"Invicti takes too long with big applications, and there are issues with the login portal."
"Maybe the ability to make a good reporting format is needed."
"The scannings are not sufficiently updated."
"Asset scanning could be better. Once, it couldn't scan assets, and the issue was strange. The price doesn't fit the budget of small and medium-sized businesses."
"I think that it freezes without any specific reason at times. This needs to be looked into."
"The scanning time, complexity, and authentication features of Invicti could be improved."
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Invicti is ranked 20th in Application Security Tools with 25 reviews. Fortify on Demand is rated 8.0, while Invicti is rated 8.2. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode and Coverity, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Tenable.io Web Application Scanning and Rapid7 AppSpider. See our Fortify on Demand vs. Invicti report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.