WebInspect Reviews

WebInspect is the #11 ranked solution of our top Application Security Testing (AST) tools. It's rated 3.4 out of 5 stars, and is most commonly compared to Micro Focus Fortify on Demand - WebInspect vs Micro Focus Fortify on Demand

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Milin Shah
Real User
Information Security Architect at a real estate/law firm with 1,001-5,000 employees
Jul 14 2019

What is most valuable?

I've found the centralized dashboard the most valuable. For management, it helps a lot to have abilities at the central level.

What needs improvement?

The solution needs improvements from the scanning and the technical perspective. In the next release, we would love to see smooth scale mobile testing - if it has similar to testing with wider applications for different technologies as well… more »

What's my experience with pricing, setup cost, and licensing?

I'm not sure about the licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools with similar functionalities. The pricing is a little more costly than other regular… more »

Which solution did I use previously and why did I switch?

I haven't used any different solution here, but in another organization, I have used multiple application scanning products. I've used IBM scan. I have used SecuRex. Those were good as well.

What other advice do I have?

I am currently evolving, going through the product. We have yet to go through all the features and functionalities of the product. The way it checks for vulnerabilities helps a lot. It makes the most of the check for vulnerabilities. The… more »
Real User
Assoc. Director at a tech services company with 10,001+ employees
Feb 12 2020

What is most valuable?

In terms of its most valuable features, it is scalable and very easy to use.

What needs improvement?

Right now, it's kind of bulky. There are a lot of newer generation tools coming out that are easier. Also, when it comes to the installation and deployment, they inspect the enterprise. It was ok with the scale, but still I think they can… more »

Which solution did I use previously and why did I switch?

I previously used AppScan. We switched due to an overall change in our organization in Azure. IBM sold this to HCL so there is no IBM grant attached to it.

What other advice do I have?

Yes, I would recommend WebInspect. It is a good product, comparable to AppScan. It is quite scalable, and good cost/value with the support and backing from Micro Focus. It's good and I definitely recommend it. On a scale of one to ten, I… more »

Which other solutions did I evaluate?

We did evaluate AppScan for this task. Both solutions are good. We also evaluated Oracle of course, but it is purely a SaaS solution and that's the reason it was not considered.
Find out what your peers are saying about Micro Focus, HCL, PortSwigger and others in Application Security Testing (AST). Updated: September 2020.
438,246 professionals have used our research since 2012.
Real User
Sr. Manager Business Operations Protection at a consumer goods company with 10,001+ employees
Jul 22 2020

What is most valuable?

The accuracy of its scans is great. Provided it does not freeze, or somebody from another team is not trying to use the same resources, it works well. The integration with the Fortify code scanner is nice because you combine those two elements and get one output.

What needs improvement?

Our biggest complaint about this product is that it freezes up, and literally doesn't work for us. It may be in part the way we have it set up, or how we've licensed it. It is awkward and not very friendly to work with. The version that I am using is not capable of generating reports to HTML or PDF… more »

What's my experience with pricing, setup cost, and licensing?

Our licensing is such that you can only run one scan at a time, which is inconvenient. The licensing was bundled with Fortify so I'm sure that we paid for it in some context, although I don't know what the exact cost would be.

What other advice do I have?

We are using this WebInspect in conjunction with Fortify. We're not using the client-host based deployment, but rather, a web-based one. The agent is not installed on my machine. The suitability of this product depends on your use case. If you're trying to do what we're doing in QA and security then… more »
Real User
Security Researcher at a tech services company with 51-200 employees
May 05 2020

What is most valuable?

The most valuable feature is the performance. The user interface is ok and it is very simple to use.

What needs improvement?

There were times when we had to run the login sequence several times in order to capture it properly. It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved.

Which solution did I use previously and why did I switch?

I have used Qualys in the past but more for vulnerability management in the infrastructure, as opposed to web application security.

What other advice do I have?

I would rate this solution a seven out of ten.

Which other solutions did I evaluate?

I have been told by friends and colleagues that Acunetix is better, so I will be evaluating that solution in the future.
Real User
Senior Software Developer at a financial services firm with 10,001+ employees
Nov 14 2019

What is most valuable?

It's a well-known platform for doing dynamic application scanning.

What needs improvement?

The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective.

What other advice do I have?

We're using the public cloud deployment model. Our provider is Microsoft. We just chose the solutions for dynamic scanning and static scanning, but we haven't performed any scanning yet. I'd recommend it; I'd rate the solution seven out of ten.
Fernando Vizer
Real User
Senior Information Technology Architect at a tech vendor with 11-50 employees
Apr 01 2020

What is most valuable?

The most valuable feature is the static analysis.

What needs improvement?

Creating reports is very slow and it is something that should be improved. In the future, I would like to see better integration between static analysis and dynamic analysis.

What's my experience with pricing, setup cost, and licensing?

The pricing is not clear and while it is not high, it is difficult to understand.

Which solution did I use previously and why did I switch?

Prior to using WebInspect, I was using SonarQube. The problem with SonarQube is that they are not very good at analyzing ASP.NET applications, so I gave up on it.

What other advice do I have?

I would rate this solution an eight out of ten.
WebInspect677
Consultant
Senior Consultant at a tech services company with 1,001-5,000 employees
Jul 01 2019

What do you think of WebInspect?

What needs improvement?

The service can be improved by creating a reduction of false positives.

For how long have I used the solution?

I've been using the solutions for the last three months.

What do I think about the scalability of the solution?

My organization is a big organization so I don't know exactly if my organization will increase usage.

How are customer service and technical support?

My experience with technical support has been good.

Which solution did I use previously and why did I switch?

We did use a different solution previously.

How was the initial setup?

The initial setup was complex.

What other advice do I have?

Currently, I'm satisfied with the solution. I would rate this product a 7 out of 10.

What is WebInspect?

Most enterprises rely heavily on the Web to conduct their normal operations, whether providing services, a mechanism for retail sales, or a host of other functions. Yet, most still struggle with efficiently managing their application security risks. For one thing, they need solutions of scale that can be used to manage thousands of active sites and assessments while also tracking discovered vulnerabilities, retesting procedures, and more. They need to perform repeated security tests to address compliance with regulations, legislation, and internal security policies and also see how their risk posture has changed over time. The enterprises have to protect their data, brand, and bottom line from the harsh impacts of what successful vulnerability exploitation could bring. Micro Focus WebInspect Enterprise enables organizations to solve these security problems quickly, efficiently, and intelligently.
Also known as
Micro Focus WebInspect, Fortify WebInspect
WebInspect customers

Aaron's

Read Archived Reviews
BUYER'S GUIDE
Download our free Application Security Testing (AST) Report and find out what your peers are saying about Micro Focus, HCL, PortSwigger, and more!