Fortify on Demand Initial Setup
The solution was implemented prior to my joining the company so I have no information regarding the initial setup.
View full review »CP
AbbasiPoonawala
Architecture Manager at Alinma Bank
I am the architecture manager, and my team evaluated and onboarded Fortify based on reviews and evaluations from GQ, Peerspot, Gartner, and even Forrester.
During the setup process, we had concerns regarding the cost. From the CSD perspective, Fortify was not very cost-friendly. The CSD has a separate budget and reports directly to the CEO and CIO. We had to consider our budget limitations because we have been leveraging Fortify since the bank's inception in 2008. Although we have utilized it extensively, the cost appeared higher compared to SonarQube. Hence, we decided to go with SonarQube. However, I must say that Fortify offered a lot of value.
It was quite manageable to maintain. We have a dedicated team that supports Fortify in production. So, it was quite manageable.
View full review »The initial setup is complicated. It takes around four to five hours to complete, including installation and scanning. I rate the process a seven out of ten.
View full review »Buyer's Guide
Fortify on Demand
April 2024
Learn what your peers think about Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,740 professionals have used our research since 2012.
The initial setup was simple.
View full review »The product itself is easy to set up, but establishing the necessary culture and structure is a bit complex. We need to develop a culture and create sub-teams within the teams. Each team needs a security coordinator who can relate what new things are coming in, such as CVEs or new scans that need to be done.
For maintenance, we have a team of two product owners who are heavily involved with the product itself. We have around three or four people with a good understanding of deploying and maintaining the solution.
View full review »The initial setup was not straightforward because I had the ALM.net, not the .com version, and Fortify on Demand was configured to be integrated with ALM.com, not with ALM.net. This caused me some issues with the integration. When I scanned and identified the defects, these were not automatically raised in ALM, which was a major problem for me. I understood that they needed to do some development in order to make it work with ALM.net. The deployment took no more than one business day.
The initial setup of this solution on-premises is easy; however, we have had difficulties installing it online in our clients' environments.
View full review »FC
Fernando Carlos
Project Manager at Everis
We found that the initial setup a bit complex. It's not exactly straightforward. For a newbie, there's a learning curve, and that can slow things down a bit.
Our deployment took about three to four months.
View full review »JL
Jason Lebrecht US
Sr. Manager 5G & MEC (Edge) Strategy at Verizon
Super easy deployment and usage of the scanning capabilities. The setup was straightforward, and the ability to enter data and start the correct scan was intuitive.
View full review »The initial setup is moderately complex and takes a couple of hours. We have 20 users who are developers and ops staff.
SS
reviewer1529571
Acquisitions Leader at a healthcare company with 10,001+ employees
It is very straightforward to set up. You can set it up in minutes.
View full review »PR
Prakash-Rao
Vice President - Solution Architecture at a financial services firm with 10,001+ employees
My understanding is the this is not a difficult solution to manage and maintain.
View full review »JM
Jonathas De Morais
Enterprise Systems Analyst at a manufacturing company with 10,001+ employees
The initial setup was straightforward. We had onsite training from HPE to help set up the local environment and first scans, and that was helpful.
View full review »The initial setup is straightforward.
The installation can take a couple of hours depending on what the deployment is, such as, on cloud or on-premise. Additionally, the size of the code that will be put on the system can impact the time, but it does not take long.
View full review »RK
Raghu Krishna Y
GM - Technology at a outsourcing company with 10,001+ employees
The initial setup was a medium effort, not too complex. However, the bulk scan uploads took time. Overall it took an average amount of time and it was easy to integrate and work with.
View full review »DV
Dionisio Valdés
Senior System Analyst at Azurian
The setup is easy and it only takes about 30 minutes to perform a basic code review in Java when dealing with WAR files.
It can get more complicated when you want to fine-tune the reporting interface to give only the details that you want to see. This is because the initial configuration depends on other variables like the scope of the review, the client's preferences, the technician's preferences, and other factors.
When it comes to launching Fortify on Demand and connecting it to our codebase, it's quite easy. Getting quick reviews done on WAR files is a relatively simple procedure.
Initial setup is quite easy.
View full review »It was straightforward. It took us two or three months because we had to integrate with our DevOps and pipeline solutions. It took a bit of extra time.
In terms of maintenance, we need to update the version. Micro Focus releases new versions every two months or so.
View full review »The implementation process was complex. The documentation was not clear to me.
View full review »The initial setup of Micro Focus Fortify on Demand was simple. The deployment took approximately three or four days.
View full review »NT
reviewer2107677
Cyber Security Specialist at a computer software company with 51-200 employees
I give the initial setup a nine out of ten. The deployment took a few hours and required one person to implement.
View full review »LM
reviewer1468542
Principal Solutions Architect at a security firm with 11-50 employees
As compared to the other tools that I've worked with, it is probably in the middle range. It is definitely not the simplest one where you just run the installation, and it will be all done, but you also don't tend to run into too many problems that aren't easy to figure out during the install process. If you go from lowest to highest complexity, it would be right in the middle.
View full review »BK
reviewer1263261
Sr. Enterprise Architect at a financial services firm with 5,001-10,000 employees
The initial setup was quite simple.
I performed the deployment a couple of times on different platforms and it did not take much effort to set up. I also did the integration with other platforms like Microsoft Information Server and it was quite easy. You just need to know the platform that you are integrating into.
When it came time to deploy, I just had to run through the documentation on the vendor's web site. I spent one day reading it and one the second day, I did my integration. It took about eight hours that day, and I had challenges but they came from the platform that I was integrating into, like Microsoft Information Server. There were things to be done, such as converting XML files. The next day I was able to fix the problems, so in total it took me between nine and twelve hours to integrate it.
The second time that I deployed this solution it took me not more than two or three hours to repeat all of these same steps.
View full review »The initial setup is very simple because no installation is necessary - you just need to access the application and configure it.
View full review »RC
reviewer1078392
Security Systems Analyst at a retailer with 5,001-10,000 employees
The basic scanning is not very complex. When you get into more detailed scanning such as APIs, the level of complexity is moderate. However, when you are scanning that type of application, you usually have teams available that know what to do and what the configuration needs to be. We did our first scan within two days.
View full review »We had some issue with logins and account setups, but received excellent support.
View full review »OS
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Yes. Very easy.
View full review »The initial setup is straightforward and the second or third-tier support is available whenever we face an issue or something. Most of the components are plug-and-play, so it doesn't take much time.
View full review »Initial setup was easy and intuitive: just specify the license path and install the product.
View full review »DG
Dheeraj G
Information Security Engineer at a comms service provider with 501-1,000 employees
The initial setup is straightforward and not that complex. We had some support from IT.
View full review »The initial setup was very easy and straightforward. We were able to roll out this service to all our business units.
View full review »JP
reviewer1210665
Production Manager for Nearshore SWaT at a computer software company with 1,001-5,000 employees
I wasn't responsible for setting it up.
View full review »The deployment was super easy as the interface is straightforward. It was almost too easy.
View full review »AM
Александр Мерзляков
Project Manager at LINS
Deployment takes between four to six months.
View full review »The initial setup was pretty much straightforward. It was quite easy to implement.
It is quite intuitive, and the training model that they have helps the development team in using it easily. The deployment process took only about two weeks.
In terms of the implementation strategy, it started with a kickoff meeting with the provider who offered the solution. We involved the development team, security information team, and infrastructure team from the beginning. They all knew what can be done with the solution and what role they are going to play in the implementation process, which helped a lot to achieve a pretty short implementation time.
View full review »JE
reviewer1050960
CISO at a retailer with 1,001-5,000 employees
Our website is complex, so the setup is also complex. By definition, we expected it to be complex, and Checkmarx should also be complex because of the culture, habits, and complexity of our custom-developed website. Our website is not an off-the-shelf product, so there's a lot of complexity that comes with it by nature. But that's okay.
The initial deployment goal was to scan every bit and byte of code on the production e-commerce site. That was the plan. We started rolling this out and then we started sending tests. We went back and forth on whether we should make it in-line automatic that we scan sales, in a way that it would not allow the code to move further, or if we should do it off to the side, such that the application development life cycle continues to run separately, while somebody is scanning it making sure we dissolve all the issues. So we tried both routes. There are benefits to each, and it's definitely safer to do it in-line. Again, the culture, habits, and technology's use mean that it is not always best to do it in-line because it could become too complicated and break too many things. So we actually switched that. There is a person that does that. It's not built into the migration system by default. Somebody is scanning it and then moves to the next one.
Setup was not complex, although given our size it was a challenge.
View full review »ML
Appsecanst67
Senior Application Security Analyst at a financial services firm with 10,001+ employees
It's a cloud-based solution, so there was no installation involved.
View full review »NB
Nixon B
Senior Cyber Security Analyst at a financial services firm with 1,001-5,000 employees
I was not involved in the initial implementation.
View full review »Initial setup was complex; we ran into lot of memory issues. The Visual Studio plugin was not responsive, either.
View full review »The initial setup was pretty easy and straightforward.
View full review »CU
ChimaUzomba
Chief Executive & Certified Security Administrator at Boch Systems Company Limited
I think the initial setup for the on-demand product is straightforward. The product installed on-premises is somewhat complex. For this reason, it is better that the on-premises version is installed with the help of integrators or consultants.
View full review »It was very straightforward in comparison to other solutions that we had used in the past.
View full review »MJ
Mamta Jha
Co-Founder at TechScalable
It was good. I don't think we struggled that much.
View full review »BS
reviewer961944
R&D at a tech services company with 51-200 employees
The implementation of Micro Focus Fortify on Demand was simple, since it is on the cloud everything is automatic. They give you an account and that is all, you use the product.
The premise solution is more rentable. However, it is asking for a lot of effort in the implementation, administration, and integration in the pipeline. It takes time until the company comes to the right level to be able to manage this product. Even with the right partners in Latin America that work with us, it took some time.
View full review »RB
reviewer1250178
Security Information Manager at a tech services company with 10,001+ employees
The initial setup is not so easy, but not so difficult. I would say it is medium difficulty.
View full review »Most of our clients use straightforward implementation; we recommend straightforward implementation because of the simplicity of the architecture and usage. For example, installing using the best practices for each product.
View full review »IL
Ives Laaf
Head of Compliance & Quality / CISO at a tech services company with 51-200 employees
The initial setup of this solution is straightforward.
It took approximately two hours to deploy, and because it is a cloud-based solution it does not require anybody for maintenance.
View full review »It's not straightforward, but it's not complex either. It could also be improved.
View full review »OO
reviewer1361028
Information Security Manager at a tech services company with 501-1,000 employees
The setup and installation were straightforward.
View full review »Buyer's Guide
Fortify on Demand
April 2024
Learn what your peers think about Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,740 professionals have used our research since 2012.