Compare Micro Focus Fortify on Demand vs. Rapid7 InsightAppSec

Micro Focus Fortify on Demand is ranked 3rd in Application Security Testing (AST) with 8 reviews while Rapid7 InsightAppSec is ranked 15th in Application Security Testing (AST) with 1 review. Micro Focus Fortify on Demand is rated 7.8, while Rapid7 InsightAppSec is rated 9.0. The top reviewer of Micro Focus Fortify on Demand writes "Detects vulnerabilities and provides useful suggestions, but doesn't understand complex websites". On the other hand, the top reviewer of Rapid7 InsightAppSec writes "It integrates well with the rest of my systems". Micro Focus Fortify on Demand is most compared with SonarQube, Veracode and Checkmarx, whereas Rapid7 InsightAppSec is most compared with Rapid7 AppSpider, Veracode and OWASP Zap.
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Veracode, Checkmarx, Micro Focus and others in Application Security Testing (AST). Updated: November 2019.
379,241 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

t's a cloud-based solution, so there was no installation involved.The static code analyzers are the most valuable features of this solution.The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it.I do not remember any issues with stability.The licensing was good.The installation was easy.It improves future security scans.Fortify helps us to stay updated with the newest languages and versions coming out.

Read more »

We have seen measurable decrease in the mean time to respond to threats by 20 percent.

Read more »

The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed.The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment.Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse.There were some regulated compliances, which were not there.Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues.We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days.It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers.If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time.

Read more »

I would like more details of what the product can do.

Read more »

Pricing and Cost Advice
It's a yearly contract, but I don't remember the dollar amount.The licensing was good because the licenses have the heavy centralized server.The subscription model, on a per-scan basis, is a bit expensive. That's another reason we are not using it for all the apps.

Read more »

Information Not Available
Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
379,241 professionals have used our research since 2012.
Average Words per Review
Avg. Rating
Average Words per Review
Avg. Rating
Top Comparisons
Compared 17% of the time.
Compared 12% of the time.
Also Known As
Fortify on DemandInsightAppSec
Micro Focus

Micro Focus Fortify on Demand’s application security-as-a-service is the easy and flexible way to identify vulnerabilities in your applications without additional investment in software or personnel. Allow our global team to work for you, providing support and technical expertise 24/7.

Your web applications may be complex, but your application security testing tool doesn’t need to be. InsightAppSec brings Rapid7’s proven Dynamic Application Security Testing (DAST) technology to the Insight platform, combining powerful application crawling and attack capabilities, flexibility in scan scope and scheduling, and accuracy in results with a modern UI, intuitive workflows, and sensible data organization. This enables you to identify XSS, SQL injection, CSRF, and other vulnerabilities with unparalleled ease. The best part? All of these capabilities are delivered via the cloud so that you’re up and running in minutes to identify the critical security risks that exist in your applications.

Learn more about Micro Focus Fortify on Demand
Learn more about Rapid7 InsightAppSec
Sample Customers
SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.
Information Not Available
Top Industries
Financial Services Firm33%
Manufacturing Company11%
Energy/Utilities Company11%
Software R&D Company41%
Comms Service Provider12%
Financial Services Firm8%
Manufacturing Company6%
Software R&D Company40%
Comms Service Provider28%
Hospitality Company6%
Non Profit4%
Company Size
Small Business24%
Midsize Enterprise12%
Large Enterprise64%
Small Business18%
Midsize Enterprise2%
Large Enterprise80%
No Data Available
Find out what your peers are saying about Veracode, Checkmarx, Micro Focus and others in Application Security Testing (AST). Updated: November 2019.
379,241 professionals have used our research since 2012.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email