Fortify Application Defender Overview

Fortify Application Defender is the #17 ranked solution in our list of application security tools. It is most often compared to SonarQube: Fortify Application Defender vs SonarQube

What is Fortify Application Defender?

Micro Focus Security Fortify Application Defender is a runtime application self-protection (RASP) solution that helps you manage and mitigate risk from homegrown or third-party applications. It provides centralized visibility into application use and abuse while protecting from software vulnerability exploits and other violations in real time.

Fortify Application Defender is also known as HPE Fortify Application Defender, Micro Focus Fortify Application Defender.

Fortify Application Defender Buyer's Guide

Download the Fortify Application Defender Buyer's Guide including reviews and more. Updated: February 2021

Fortify Application Defender Customers

ServiceMaster, Saltworks, SAP

Fortify Application Defender Video

Pricing Advice

What users are saying about Fortify Application Defender pricing:
  • "The base licensing costs for the SaaS platform is about $900 USD per application, per year."

Fortify Application Defender Reviews

Filter by:
Filter Reviews
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
Filter Unavailable
Filter Unavailable
Order by:
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Showingreviews based on the current filters. Reset all filters
Tom Haakma
Director of Security at Merito
Real User
Top 20
Sep 22, 2020
Straightforward to deploy and integrates well with WebInspect to secure against application-specific threats

What is our primary use case?

I do not use this product personally. Rather, I implement it for other people. The general use case is application-specific threat blocking. Most of our customers use it as an augment to their WAF.

Pros and Cons

  • "The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
  • "The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."

What other advice do I have?

My advice for anybody who is considering Fortify Application Defender is to try it before you buy it. It is one of those things that once you see it in action, it is pretty impressive. Considering there is a free trial available, I think that more people should try it. I would rate this solution an eight out of ten.
Durgesh Pathak
DevOps Engineer at a energy/utilities company with 10,001+ employees
Real User
Top 10
Mar 10, 2020
Static code analysis helps identify security issues and maintain compliance

What is our primary use case?

We use this solution for inspecting our security, such as checking to see if our developers are securing their code properly. For example, we have to ensure that they are not inadvertently exposing any IP addresses or passwords. We have to be cautious because most of our applications are related to banking and the financial domain. Fortify Application Defender accomplishes this by performing source code analysis, and it scans using agents. The source code check involves static code analysis to see if things like passwords are exposed.

Pros and Cons

  • "The most valuable feature is that it analyzes data in real-time."
  • "The workbench is a little bit complex when you first start using it."

What other advice do I have?

This is a great tool and the kind of support it provides is very helpful. It is easy to adopt for any technology and integrates well with any kind of small platform. I would rate this solution a nine out of ten.
Find out what your peers are saying about Micro Focus, SonarSource, Synopsys and others in Application Security. Updated: February 2021.
464,369 professionals have used our research since 2012.
Grandin Major
Solution Architect at a logistics company with 10,001+ employees
Real User
Top 10
Aug 22, 2019
Helped us to improve the code quality of our organization

What is our primary use case?

We use the solution for static code analysis. We do static code analysis on our application project code and we use the solution to check the product quality.

Pros and Cons

  • "The solution helped us to improve the code quality of our organization."
  • "The solution is quite expensive."

What other advice do I have?

We've been using the private cloud deployment model. If you need a huge impact, a business impact, then I think I would recommend HP Fortify. However, if a user is looking for a small scale application with less business impact, I would go with a free solution. I would rate the solution ten out of ten. Aside from the cost, the application is pretty good.
Product Categories
Application Security
Buyer's Guide
Download our free Application Security Report and find out what your peers are saying about Micro Focus, SonarSource, Synopsys, and more!