Fortify WebInspect Overview

Fortify WebInspect is the #13 ranked solution of our AST tools. It's rated 3.5 out of 5 stars, and is most commonly compared to Micro Focus Fortify on Demand: Fortify WebInspect vs Micro Focus Fortify on Demand

What is Fortify WebInspect?
Most enterprises rely heavily on the Web to conduct their normal operations, whether providing services, a mechanism for retail sales, or a host of other functions. Yet, most still struggle with efficiently managing their application security risks. For one thing, they need solutions of scale that can be used to manage thousands of active sites and assessments while also tracking discovered vulnerabilities, retesting procedures, and more. They need to perform repeated security tests to address compliance with regulations, legislation, and internal security policies and also see how their risk posture has changed over time. The enterprises have to protect their data, brand, and bottom line from the harsh impacts of what successful vulnerability exploitation could bring. Micro Focus WebInspect Enterprise enables organizations to solve these security problems quickly, efficiently, and intelligently.

Fortify WebInspect is also known as Micro Focus WebInspect, WebInspect.

Fortify WebInspect Buyer's Guide

Download the Fortify WebInspect Buyer's Guide including reviews and more. Updated: November 2020

Fortify WebInspect Customers

Aaron's

Fortify WebInspect Video

Fortify WebInspect Reviews

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Milin Shah
Information Security Architect at a real estate/law firm with 1,001-5,000 employees
Real User
Top 20
Jul 14, 2019
Great centralized dashboard but is a bit overpriced

What is our primary use case?

We primarily use the application for web application scanning.

Pros and Cons

  • I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level.
  • I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities.

What other advice do I have?

I am currently evolving, going through the product. We have yet to go through all the features and functionalities of the product. The way it checks for vulnerabilities helps a lot. It makes the most of the check for vulnerabilities. The centralized dashboard for the management is good but I'm still looking into it. That and other features we are yet to be discovered. I'm still trying to get to know all the features. Looking at an enterprise level product is good. With it, you get a centralized board, you have a management view, enroll management and access management. Everything is there. But…
IvanBiagi
Security Engineer at Secure Network
Real User
Oct 29, 2020
Easy to use with a simple deployment and good documentation

What is our primary use case?

We primarily use the solution for web applications and tests.

Pros and Cons

  • The solution is easy to use.
  • The scanner could be better.

What other advice do I have?

We're just customers. We don't have a business relationship with the company. I would recommend WebInspect to enterprise-level organizations. to use. For a smaller company, I'd recommend something more automated. WebInspect has far more manual work, however, it does have good documentation. Overall, I'd rate the solution eight out of ten.
Find out what your peers are saying about Micro Focus, HCL, PortSwigger and others in Application Security Testing (AST). Updated: November 2020.
447,228 professionals have used our research since 2012.
reviewer1268340
Assoc. Director at a tech services company with 10,001+ employees
Real User
Feb 12, 2020
Easy to use and has good cost/value

What is our primary use case?

We use WebInspect for dynamic application security testing, and integrating that into all our needs.

Pros and Cons

  • It is scalable and very easy to use.
  • The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex.

What other advice do I have?

Yes, I would recommend WebInspect. It is a good product, comparable to AppScan. It is quite scalable, and good cost/value with the support and backing from Micro Focus. It's good and I definitely recommend it. On a scale of one to ten, I would give it an eight.
reviewer1186359
Sr. Manager Business Operations Protection at a consumer goods company with 10,001+ employees
Real User
Top 20
Jul 22, 2020
Great accuracy when scanning, but it has an interface that is awkward and not friendly to work with

What is our primary use case?

This is a security testing tool that is used by our security team and the QA team.

Pros and Cons

  • The accuracy of its scans is great.
  • Our biggest complaint about this product is that it freezes up, and literally doesn't work for us.

Cost and Licensing Advice

  • Our licensing is such that you can only run one scan at a time, which is inconvenient.

What other advice do I have?

We are using this WebInspect in conjunction with Fortify. We're not using the client-host based deployment, but rather, a web-based one. The agent is not installed on my machine. The suitability of this product depends on your use case. If you're trying to do what we're doing in QA and security then it's probably great. If, however, you want to do things on external sites then I would suggest an external cloud-based one. I would rate this solution a four out of ten.
reviewer966825
Senior Security Consaulant
Reseller
Oct 13, 2020
Great vulnerability detection and pretty stable, but an expensive option

What is our primary use case?

We primarily use the solution to test web applications regularly.

Pros and Cons

  • The solution is able to detect a wide range of vulnerabilities. It's better at it than other products.
  • Lately, we've seen more false negatives.

What other advice do I have?

While we generally like WebINspect, if a client has a smaller budget, we might suggest Acunetix simply because it is cheaper. However, if a customer's priority was better scanning for their application, we would suggest WebInspect. We like to give our clients options and choices. We prefer to provide them with options that meet their needs and address their pain points. Overall, I would rate the solution seven out of ten. If the price was a bit better, I would rate them higher.
Ashutosh Barot
Security Researcher at a financial services firm with 5,001-10,000 employees
Real User
Top 5Leaderboard
May 5, 2020
Easy to use with a simple interface, but we sometimes had trouble capturing login sequences

What is our primary use case?

We use WebInspect for performance network application testing to be sure that we aren't creating any security issues.

Pros and Cons

  • The user interface is ok and it is very simple to use.
  • It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved.

What other advice do I have?

I would rate this solution a seven out of ten.
reviewer1186086
Senior Software Developer at a financial services firm with 10,001+ employees
Real User
Nov 14, 2019
Stable and well-known for dynamic application scanning but needs better integration with the cloud

What is our primary use case?

We primarily use the solution for dynamic application scanning.

Pros and Cons

  • It's a well-known platform for doing dynamic application scanning.
  • The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective.

What other advice do I have?

We're using the public cloud deployment model. Our provider is Microsoft. We just chose the solutions for dynamic scanning and static scanning, but we haven't performed any scanning yet. I'd recommend it; I'd rate the solution seven out of ten.
Fernando Vizer
Senior Information Technology Architect at a tech vendor with 11-50 employees
Real User
Top 5
Apr 1, 2020
Good static code analysis helps to discover vulnerabilities

What is our primary use case?

I am using WebInspect for finding vulnerabilities.

Pros and Cons

  • The most valuable feature is the static analysis.
  • Creating reports is very slow and it is something that should be improved.

Cost and Licensing Advice

  • The pricing is not clear and while it is not high, it is difficult to understand.

What other advice do I have?

I would rate this solution an eight out of ten.
See 1 more Fortify WebInspect Reviews