What is your primary use case for Micro Focus Fortify on Demand?

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

88 Answers

author avatar
Top 10Real User

I have been using this solution to gain some perspective from different architectures for the security team. I do not use it every day. I do have an overview and it is integrated with our development platform. I do work for our governance team, so whenever a project is coming I will review products. I need to connect with the project managers for testing them, and these tests include the vulnerability assessment along with other security efforts. One of the things that I suggest is using Micro Focus Fortify on Demand. The primary use case is core scanning for different vulnerabilities, based on standards. It beings with an architect who designs a model on a security-risk advisor platform. Then you have an idea of what the obstacles are. Once the code is scanned according to standards, you figure out where the gaps are. The team then suggests what needs to be done to the code to fix the vulnerabilities. The process repeats after the code is fixed until all of the vulnerabilities have been eliminated. When you take all of these things together, it is Security by design.

author avatar
Top 10Real User

We are using Fortify on Demand as a static code analyzer. As it scans each application, it checks each line of code. When we are developing mobile applications there might be some kind of security vulnerability. One example is a check to see if information that is being transferred is not encrypted because this would be vulnerable to hackers who are trying to break into the system. We also look at whether were are using the network transport layer security. Our overall goal at this time is to protect our mobile app because it is one of the ways that hackers can break into the system.

author avatar
Top 5Reseller

We recommend this product to our customers. We act as vendors and resellers. This is actually one of the solutions we often recommend to our customers most often. Usually, this is the best choice for banking and financial institutions. It is deployed by their development team in-house. They use it to manage and test product lifecycles.

author avatar
Top 20Real User

Our primary use case for this solution is static code analysis.

author avatar
Top 5LeaderboardReal User

We use Fortify on Demand to test our e-commerce website. We do static codes testing before it goes live.

author avatar

My primary use case is to help the teams in development. It helps us scan.

author avatar

We previously used it for static and dynamic scans, but now we use it only for dynamic scans. We have close to 85 products in-house, so we run a lot of scans.

author avatar
Real User

We use it for externally exposed applications that we want to scan before releasing them to production. As you can imagine, it's important to make sure they're secure and that we will not be exposed. For internal apps, we use other static code scanning, primarily SonarQube. But Fortify on Demand is for externally exposed applications.

Learn what your peers think about Micro Focus Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
441,850 professionals have used our research since 2012.