Fortify on Demand pros and cons

Vendor: OpenText

4.0 out of 5

56 reviews
90% willing to recommend

4,168 followers

Fortify on Demand Pros review quotes

JE

reviewer1050960

CISO at a retailer with 1,001-5,000 employees

May 15, 2019

The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it.

Read full review

CP

AbbasiPoonawala

Architecture Manager at Alinma Bank

Jul 6, 2023

Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases.

Read full review

DV

Dionisio Valdés

Senior System Analyst at Azurian

Dec 16, 2020

One of the top features is the source code review for vulnerabilities. When we look at source code, it's hard to see where areas may be weak in terms of security, and Fortify on Demand's source code review helps with that.

Read full review

Fortify on Demand

Free Report: Fortify on Demand Reviews and More

Learn what your peers think about Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.

768,415 professionals have used our research since 2012.

RC

reviewer1078392

Security Systems Analyst at a retailer with 5,001-10,000 employees

Dec 6, 2020

Being able to reduce risk overall is a very valuable feature for us.

Read full review

BK

reviewer1263261

Sr. Enterprise Architect at a financial services firm with 5,001-10,000 employees

Jan 12, 2020

The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira.

Read full review

JM

Jonathas De Morais

Enterprise Systems Analyst at a manufacturing company with 10,001+ employees

Aug 14, 2018

One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed.

Read full review

Jayashree Acharyya

Director at PepsiCo

Sep 8, 2021

Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and vulnerabilities in our code is very helpful. We are able to do static and dynamic code scanning.

Read full review

Director Consulting at CGI

Oct 28, 2018

I do not remember any issues with stability.

Read full review

FC

Fernando Carlos

Project Manager at Everis

Jan 28, 2021

The solution saves us a lot of money. We're trying to reduce exposure and costs related to remediation.

Read full review

PR

Vice President - Solution Architecture at a financial services firm with 10,001+ employees

Jan 12, 2020

Fortify on Demand is easy to use and the reporting is good.

Read full review

Show 10 more reviews (out of 48)

Fortify on Demand Cons review quotes

JE

reviewer1050960

CISO at a retailer with 1,001-5,000 employees

May 15, 2019

Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse.

Read full review

CP

AbbasiPoonawala

Architecture Manager at Alinma Bank

Jul 6, 2023

Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify.

Read full review

DV

Dionisio Valdés

Senior System Analyst at Azurian

Dec 16, 2020

During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us.

Read full review

Fortify on Demand

Free Report: Fortify on Demand Reviews and More

Learn what your peers think about Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.

768,415 professionals have used our research since 2012.

RC

reviewer1078392

Security Systems Analyst at a retailer with 5,001-10,000 employees

Dec 6, 2020

They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it.

Read full review

BK

reviewer1263261

Sr. Enterprise Architect at a financial services firm with 5,001-10,000 employees

Jan 12, 2020

This solution would be improved if the code-quality perspective were added to it, on top of the security aspect.

Read full review

JM

Jonathas De Morais

Enterprise Systems Analyst at a manufacturing company with 10,001+ employees

Aug 14, 2018

It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers.

Read full review

Jayashree Acharyya

Director at PepsiCo

Sep 8, 2021

Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve.

Read full review

Director Consulting at CGI

Oct 28, 2018

There were some regulated compliances, which were not there.

Read full review

FC

Fernando Carlos

Project Manager at Everis

Jan 28, 2021

There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes.

Read full review

PR

Vice President - Solution Architecture at a financial services firm with 10,001+ employees

Jan 12, 2020

The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood.

Read full review

Show 10 more reviews (out of 47)

Product Categories

Product Categories

Application Security Tools

Application Security Testing (AST)

Popular Comparisons

Popular Comparisons

SonarQube vs Fortify on Demand

Veracode vs Fortify on Demand

Checkmarx One vs Fortify on Demand

Snyk vs Fortify on Demand

GitLab vs Fortify on Demand

Coverity vs Fortify on Demand

OWASP Zap vs Fortify on Demand

Mend.io vs Fortify on Demand

Sonatype Lifecycle vs Fortify on Demand

PortSwigger Burp Suite Professional vs Fortify on Demand

SonarCloud vs Fortify on Demand

Acunetix vs Fortify on Demand

HCL AppScan vs Fortify on Demand

Qualys Web Application Scanning vs Fortify on Demand

Fortify WebInspect vs Fortify on Demand

See all alternatives

Product Categories

Product Categories

Application Security Tools

Application Security Testing (AST)

Popular Comparisons

Popular Comparisons

SonarQube vs Fortify on Demand

Veracode vs Fortify on Demand

Checkmarx One vs Fortify on Demand

Snyk vs Fortify on Demand

GitLab vs Fortify on Demand

Coverity vs Fortify on Demand

OWASP Zap vs Fortify on Demand

Mend.io vs Fortify on Demand

Sonatype Lifecycle vs Fortify on Demand

PortSwigger Burp Suite Professional vs Fortify on Demand

SonarCloud vs Fortify on Demand

Acunetix vs Fortify on Demand

HCL AppScan vs Fortify on Demand

Qualys Web Application Scanning vs Fortify on Demand

Fortify WebInspect vs Fortify on Demand

See all alternatives

Related questions

75

What Is The Biggest Difference Between Fortify on Demand And SonarQube?

25

What are the costs for Micro Focus Fortify on Demand?

1,380

If you had to both encrypt and compress data during transmission, which would you do first and why?

200

When evaluating Application Security, what aspect do you think is the most important to look for?

277

What are the threats associated with using ‘bogus’ cybersecurity tools?

639

What are the Top 5 cybersecurity trends in 2022?

45

Which application security solutions include both vulnerability scans and quality checks?

113

We're evaluating Tripwire, what else should we consider?

3,250

Is SonarQube the best tool for static analysis?

79

Why Do I Need Application Security Software?