Micro Focus Fortify on Demand Pros and Cons

Micro Focus Fortify on Demand Pros

reviewer1050960
CISO at a retailer with 1,001-5,000 employees
The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it.
View full review »
Dionisio Valdés
Senior System Analyst at Azurian
One of the top features is the source code review for vulnerabilities. When we look at source code, it's hard to see where areas may be weak in terms of security, and Fortify on Demand's source code review helps with that.
View full review »
reviewer1078392
Security Systems Analyst at a retailer with 5,001-10,000 employees
Being able to reduce risk overall is a very valuable feature for us.
View full review »
Learn what your peers think about Micro Focus Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
456,249 professionals have used our research since 2012.
reviewer1263261
Sr. Enterprise Architect at a financial services firm with 5,001-10,000 employees
The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira.
View full review »
Prakash-Rao
Vice President - Solution Architecture at a financial services firm with 10,001+ employees
Fortify on Demand is easy to use and the reporting is good.
View full review »
ChimaUzomba
Chief Executive & Certified Security Administrator at Boch
This product is top-notch solution and the technology is the best on the market.
View full review »
Mamta Jha
Co-Founder at TechScalable
Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much.
View full review »
reviewer1345719
Project Analyst at a financial services firm with 1,001-5,000 employees
The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for.
View full review »
reviewer1210665
Production Manager for Nearshore SWaT at a computer software company with 10,001+ employees
The feature that I find the most useful is being able to just see the vulnerabilities online while checking the code and then checking suggestions for fixing them.
View full review »
Appsecanst67
Senior Application Security Analyst at a financial services firm with 10,001+ employees
t's a cloud-based solution, so there was no installation involved.
View full review »

Micro Focus Fortify on Demand Cons

reviewer1050960
CISO at a retailer with 1,001-5,000 employees
Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse.
View full review »
Dionisio Valdés
Senior System Analyst at Azurian
During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us.
View full review »
reviewer1078392
Security Systems Analyst at a retailer with 5,001-10,000 employees
They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it.
View full review »
Learn what your peers think about Micro Focus Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
456,249 professionals have used our research since 2012.
reviewer1263261
Sr. Enterprise Architect at a financial services firm with 5,001-10,000 employees
This solution would be improved if the code-quality perspective were added to it, on top of the security aspect.
View full review »
Prakash-Rao
Vice President - Solution Architecture at a financial services firm with 10,001+ employees
The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood.
View full review »
ChimaUzomba
Chief Executive & Certified Security Administrator at Boch
The technical support is actually a problem that needs to be addressed. Since the acquisition and merger with Hewlett Packard, it has been really hard to know who the technical or salesperson to talk to.
View full review »
Mamta Jha
Co-Founder at TechScalable
In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful.
View full review »
reviewer1345719
Project Analyst at a financial services firm with 1,001-5,000 employees
It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team.
View full review »
reviewer1210665
Production Manager for Nearshore SWaT at a computer software company with 10,001+ employees
The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools.
View full review »
Appsecanst67
Senior Application Security Analyst at a financial services firm with 10,001+ employees
The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed.
View full review »
Learn what your peers think about Micro Focus Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
456,249 professionals have used our research since 2012.