Fortify on Demand Reviews

Filter by:Reset all filters
industry
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
rating
Filter Unavailable
Real User
Enterprise Systems Analyst at a manufacturing company with 1,001-5,000 employees
Aug 14 2018

What is most valuable?

One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed. I think that's really... more»

How has it helped my organization?

Because of the kind of products we deal with, and the kind of customers we have, we have really specific security requirements and practices we need to follow, specifically applying to our SDLC. Our SDLC dictates that we have security... more»

What needs improvement?

It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code... more»
Real User
Executive Director at a tech consulting company with 51-200 employees
Aug 25 2017

What is most valuable?

* The ability to utilize the Client Portal, which provided my clients with a view of the project status, vulnerabilities and needed remediation steps in real-time * I don’t know of any other On-Demand enterprise solution like this one where... more»

How has it helped my organization?

The HP FoD effort allowed my client to utilize this service anytime their internal IT team was overwhelmed with workloads. FoD gives them an option to utilize the additional HP Services when they are overwhelmed with other IT Security needs... more»

What needs improvement?

* I believe that sales packages should be posted for single applications, and packages of multiple applications. For example, we have one-time a package for single applications, and 12 month unlimited use for static and a package for static... more»
Find out what your peers are saying about Micro Focus, SonarQube, Checkmarx and others in Application Security.
287,566 professionals have used our research since 2012.
Consultant
Technical Lead at a tech services company with 10,001+ employees
May 10 2017

What is most valuable?

* Scan wizard: for configuring large scans * Audit workbench: for on-the-fly defect auditing * CLI: to integrate the tool into CI/CD

How has it helped my organization?

Security defects are captured early in the lifecycle and fixed quicker. Usage of Fortify has made developers more aware about security vulnerabilities and their consequences, as well as various secure programming practices.

What needs improvement?

.NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio. More conventional reporting formats need to be provided. Also, a provision should be available to... more»
Real User
Application Security Specialist at a tech services company with 5,001-10,000 employees
Jan 16 2018

What is most valuable?

The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product). It also allows for more efficient and custom integration by allowing customized enhancements through the API... more»

How has it helped my organization?

In large software development teams, the most important issue related to software and application security is to identify vulnerabilities and weaknesses quickly and accurately, then to gather those findings on a common platform so they can be... more»

What needs improvement?

Though it is generally close to perfection, the biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility.... more»
Consultant
Specialist Master/Manager at a consultancy with 10,001+ employees
Aug 31 2016

What is most valuable?

The static code analyzer provides views from a security perspective and it is easy to use compared to others.

How has it helped my organization?

We use it to evaluate security from the code and provide results from a security perspective as opposed to a developer’s perspective.

What needs improvement?

Reports can be better visually with graphics such as charts included. Charts (pie, bar, some graph) could show the percentage of the vulnerability categories identified, as opposed to listing them all in a table. At a higher level, it would... more»
See 4 more reviews

Articles

User Assessments By Topic About Fortify on Demand

Find out what your peers are saying about Micro Focus, SonarQube, Checkmarx and others in Application Security.
287,566 professionals have used our research since 2012.

Fortify on Demand Questions

Fortify on Demand Projects By Members

Fortify on Demand Consultants

What is Fortify on Demand?

Micro Focus Fortify on Demand’s application security-as-a-service is the easy and flexible way to identify vulnerabilities in your applications without additional investment in software or personnel. Allow our global team to work for you, providing support and technical expertise 24/7.

Also known as
Micro Focus Fortify on Demand, HPE Fortify on Demand
Fortify on Demand customers

SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.

BUYER'S GUIDE
Not sure which Application Security solution is right for you?

Download our free Application Security Report and find out what your peers are saying about Micro Focus, SonarQube, Checkmarx, and more!

Sign Up with Email