Fortify on Demand Competitors and Alternatives

Read reviews of Fortify on Demand competitors and alternatives
Real User
Director For Security Products at a manufacturing company with 10,001+ employees
Mar 25 2018

What is most valuable?

The most valuable feature is the web scan from our perspective. Being able to quickly find the vulnerabilities if any developer has inadvertently put them in. The source scan is of value, but it is so hard to use that it is of less value.

How has it helped my organization?

It has certainly helped us find vulnerabilities in our software, so this is priceless in the end. IBM Application Security has contributed to the maturity of our AppScan risk management program. While it depends on the product, on average ten... more»

What needs improvement?

IBM Security AppScan Source is rather hard to use. Some improvements need to be made to the usability for AppScan Source, specifically. Our biggest problem, we have a lot of code and everything just ends up looking like spaghetti after we run... more»
OWASP
Real User
Program Manager at a manufacturing company with 1,001-5,000 employees
May 02 2018

What is most valuable?

* Interception of proxy traffic * Session comparisons * Port scanner * Fuzzing * Brute force * Cookie management

How has it helped my organization?

Using this tool, it helps enhance and speed the process of covering big applications with many functionalities. It scans while you navigate, then you can save the requests performed and work with them later. Also, you can pass these requests... more»

What needs improvement?

I would like to see a version of “repeater” within OWASP ZAP, a tool capable of sending from one to 1000 of the same requests, but with preselected modified fields, changing from a predetermined word list, or manually created.
CA Technologies
Real User
CISO at Laboratory Corporation of America Holdings
May 17 2018

What is most valuable?

Veracode helps me in several implementations over a couple of industry sectors in a number of ways. My coding, especially the code we develop, has a number of faults per line and that costs me money and time to fix those, into the lifecycle.... more»

How has it helped my organization?

Interestingly enough, Veracode has evolved over time. Their chief designer has been a leader in security for many years and his insights into applications, and what we now consider DevOps, has been very helpful for the industry. The insights... more»

What needs improvement?

As we move to more of a mobile space, much of the code was developed on desktops, mobile laptops, and things. Mobile apps run differently and they have a different runtime. Chris Wysopal and I have talked several times over the past few years... more»

Sign Up with Email