Micro Focus Fortify on Demand Pros and Cons

Micro Focus Fortify on Demand Pros

Cinfooffice09987
CISO at a retailer with 1,001-5,000 employees
The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it.
View full review »
reviewer1263261
Sr. Enterprise Architect at a financial services firm with 5,001-10,000 employees
The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira.
View full review »
Jonathas De Morais
Enterprise Systems Analyst at a manufacturing company with 10,001+ employees
One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed.
View full review »
Find out what your peers are saying about Micro Focus, SonarQube, Checkmarx and others in Application Security. Updated: March 2020.
406,860 professionals have used our research since 2012.
KavithaSridhar
Director Consulting at a tech services company with 10,001+ employees
I do not remember any issues with stability.
The licensing was good.
The installation was easy.
View full review »
Prakash-Rao
Vice President - Solution Architecture at a financial services firm with 10,001+ employees
Fortify on Demand is easy to use and the reporting is good.
View full review »
ChimaUzomba
Chief Executive & Certified Security Administrator at Boch
This product is top-notch solution and the technology is the best on the market.
View full review »
Appsecanst67
Senior Application Security Analyst at a financial services firm with 10,001+ employees
t's a cloud-based solution, so there was no installation involved.
View full review »
Nixon B
Senior Cyber Security Analyst at a financial services firm with 1,001-5,000 employees
It improves future security scans.
Fortify helps us to stay updated with the newest languages and versions coming out.
View full review »
Ives Laaf
Head of Compliance & Quality / CISO at a tech services company with 51-200 employees
The static code analyzers are the most valuable features of this solution.
View full review »
Elina Petrovna
Professor at BitBrainery University
It has saved us a lot of time as we focus primarily on programming rather than tool operational work.
View full review »

Micro Focus Fortify on Demand Cons

Cinfooffice09987
CISO at a retailer with 1,001-5,000 employees
Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse.
View full review »
reviewer1263261
Sr. Enterprise Architect at a financial services firm with 5,001-10,000 employees
This solution would be improved if the code-quality perspective were added to it, on top of the security aspect.
View full review »
Jonathas De Morais
Enterprise Systems Analyst at a manufacturing company with 10,001+ employees
It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers.
If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time.
View full review »
Find out what your peers are saying about Micro Focus, SonarQube, Checkmarx and others in Application Security. Updated: March 2020.
406,860 professionals have used our research since 2012.
KavithaSridhar
Director Consulting at a tech services company with 10,001+ employees
There were some regulated compliances, which were not there.
View full review »
Prakash-Rao
Vice President - Solution Architecture at a financial services firm with 10,001+ employees
The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood.
View full review »
ChimaUzomba
Chief Executive & Certified Security Administrator at Boch
The technical support is actually a problem that needs to be addressed. Since the acquisition and merger with Hewlett Packard, it has been really hard to know who the technical or salesperson to talk to.
View full review »
Appsecanst67
Senior Application Security Analyst at a financial services firm with 10,001+ employees
The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed.
View full review »
Nixon B
Senior Cyber Security Analyst at a financial services firm with 1,001-5,000 employees
Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues.
We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days.
View full review »
Ives Laaf
Head of Compliance & Quality / CISO at a tech services company with 51-200 employees
The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment.
View full review »
Elina Petrovna
Professor at BitBrainery University
It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt.
View full review »
Find out what your peers are saying about Micro Focus, SonarQube, Checkmarx and others in Application Security. Updated: March 2020.
406,860 professionals have used our research since 2012.