Fortify WebInspect Questions

Rendra Kurniawan, SFC.,CMPM
User
Jan 18 2021

Dear All, 


Can you suggest 2 or 3 products that could compete with:


1. Fortify WebInspect 


2. Fortify Static Code Analyzer


I need suggestions for similar products so I could compare for my consultant project. Thanks in advance for the advice.


Regards

Russell RothsteinAccording to the IT Central Station community, the most popular alternatives to… more »
Oscar Van Der MeerFortify Static Code Analyzer is actually NOT an SCA (Software Composition… more »
Thomas RyanRendra,  You need to ask yourself a few questions:  1. Do I know is the… more »
Miriam Tover
Content Specialist
IT Central Station

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Frohwein
Content and Social Media Manager
IT Central Station

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Frohwein
Content and Social Media Manager
IT Central Station

Hi Everyone,

What do you like most about WebInspect?

Thanks for sharing your thoughts with the community!

Julia Frohwein
Content and Social Media Manager
IT Central Station

Please share with the community what you think needs improvement with WebInspect.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover
Content Specialist
IT Central Station

If you were talking to someone whose organization is considering WebInspect, what would you say?

How would you rate it and why? Any other tips or advice?

Application Security Testing (AST) Questions
Rony_Sklar
IT Central Station
Aug 24 2020

What are the different types of tools that should be used together in DevSecOps?


What are the specific tools that you like to use when working on your DevSecOps pipeline? 


What is essential, and what is a nice-to-have? 

Jeremy VaughanDepends on budget and the larger approach to security, compliance, and risk… more »
Rony_Sklar
IT Central Station

Many companies wonder about whether SAST or DAST is better for application security testing. What are the relative benefits of each methodology? Is it possible to make use of both?

Dan DoggendorfSAST and  DAST are not mutually exclusive and should be used in conjunction with… more »
Oscar Van Der MeerFor application security you ideally need SAST, SCA and DAST. You need all three… more »
Russell WebsterBoth. They are not in competition with each other. SAST is used for analyzing… more »
Rony_Sklar
IT Central Station

Which single application security tool provides the best overall protection?

Kangkan GoswamiThe best source to know the OWASP risks is the OWASP website. For top 10 risks… more »
Ariel Lindenfeld
Sr. Director of Community
IT Central Station