We just raised a $30M Series A: Read our story
2018-08-14T07:42:00Z

What is your primary use case for Micro Focus Fortify on Demand?

3

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

ITCS user
Guest
1919 Answers

author avatar
Top 5LeaderboardReal User

Whenever we have a new application we scan it using Micro Focus Fortify on Demand. We then receive a service connection from Azure DevOps to Micro Focus Fortify on Demand and the information from the application tested. We are using Micro Focus Fortify on Demand in two ways in most of our processes. We are either using it from our DevOps pipeline using Azure DevOps or the teams which are not yet onboarded in Azure DevOps, are running it manually by putting in the code then sending it to the security team where they will scan it. We use two solutions for our application testing. We use SonarQube for next-level unit testing and code quality and Micro Focus Fortify on Demand mostly for vulnerabilities and security concerns.

2021-09-08T21:04:13Z
author avatar
Top 5LeaderboardReal User

We are using it for application security testing. We have microservices and applications within the organization, and the testing is being done on a continuous basis right through the development cycle or the development chain. We are using its latest version. It is deployed on the cloud and on-premises.

2021-08-06T18:53:57Z
author avatar
Top 10Real User

We have an application sending service that we are providing to our customers and we are using Micro Focus Fortify on Demand to ensure our applications are secure.

2021-07-10T18:50:15Z
author avatar
Top 10Real User

We use it for normal, daily source code reviews and code analysis.

2021-05-08T09:55:10Z
author avatar
Top 10Real User

We're implementing DevSecOps in Fortify only a part of the big picture. We are implementing the entire secure development lifecycle.

2021-01-28T11:51:51Z
author avatar
Top 20Real User

We create technology solutions for clients and on one project we were requested to use Fortify on Demand after the client had read a good report about it. They sent us the report and recommended its use. In this case, we were using Java to program the client's solution and so we used Fortify on Demand alongside our Java development operations, for the purpose of improving the application's security. The work we were doing for the client involved creating a billing system that they would use to manage payments and taxes for other companies in Chile. We've only used Fortify on Demand for this one client so far. Because Fortify on Demand was so new to us, we decided to go with the trial version first and figure out the costing at a later stage.

2020-12-16T07:23:00Z
author avatar
Top 20Real User

All in-house developed code or a third-party developed code on our behalf is scanned via Fortify on Demand. Any results for unsecure code, vulnerabilities, or issues are passed back to the development teams for remediation.

2020-12-06T06:23:06Z
author avatar
Top 5LeaderboardReal User

We use Micro Focus Fortify on Demand to access web applications and more.

2020-11-30T16:58:55Z
author avatar
Top 20Real User

We use it for statistical analysis for Java applications that are used in the collection process of a bank. It is also used for an internal web page. The tellers use this web page in the branches to make money transactions, such as withdrawals, deposits, etc.

2020-10-30T08:22:22Z
author avatar
Top 10Real User

We are architecting applications for e-commerce websites similar to Amazon. Everything is running on the cloud, and Micro Focus Fortify on Demand is totally integrated with our solution at this point in time.

2020-10-07T07:04:39Z
author avatar
Top 20Real User

We use Micro Focus Fortify on Demand to check the vulnerabilities of developments that we perform.

2020-08-23T08:17:00Z
author avatar
Top 20Real User

I have been using this solution to gain some perspective from different architectures for the security team. I do not use it every day. I do have an overview and it is integrated with our development platform. I do work for our governance team, so whenever a project is coming I will review products. I need to connect with the project managers for testing them, and these tests include the vulnerability assessment along with other security efforts. One of the things that I suggest is using Micro Focus Fortify on Demand. The primary use case is core scanning for different vulnerabilities, based on standards. It beings with an architect who designs a model on a security-risk advisor platform. Then you have an idea of what the obstacles are. Once the code is scanned according to standards, you figure out where the gaps are. The team then suggests what needs to be done to the code to fix the vulnerabilities. The process repeats after the code is fixed until all of the vulnerabilities have been eliminated. When you take all of these things together, it is Security by design.

2020-01-12T12:03:00Z
author avatar
Top 20Real User

We are using Fortify on Demand as a static code analyzer. As it scans each application, it checks each line of code. When we are developing mobile applications there might be some kind of security vulnerability. One example is a check to see if information that is being transferred is not encrypted because this would be vulnerable to hackers who are trying to break into the system. We also look at whether were are using the network transport layer security. Our overall goal at this time is to protect our mobile app because it is one of the ways that hackers can break into the system.

2020-01-12T12:02:00Z
author avatar
Top 10Reseller

We recommend this product to our customers. We act as vendors and resellers. This is actually one of the solutions we often recommend to our customers most often. Usually, this is the best choice for banking and financial institutions. It is deployed by their development team in-house. They use it to manage and test product lifecycles.

2020-01-07T06:27:00Z
author avatar
Real User

Our primary use case for this solution is static code analysis.

2019-06-11T11:10:00Z
author avatar
Top 5Real User

We use Fortify on Demand to test our e-commerce website. We do static codes testing before it goes live.

2019-05-15T05:16:00Z
author avatar
Consultant

My primary use case is to help the teams in development. It helps us scan.

2018-10-28T09:33:00Z
author avatar
Vendor

We previously used it for static and dynamic scans, but now we use it only for dynamic scans. We have close to 85 products in-house, so we run a lot of scans.

2018-08-16T08:28:00Z
author avatar
Real User

We use it for externally exposed applications that we want to scan before releasing them to production. As you can imagine, it's important to make sure they're secure and that we will not be exposed. For internal apps, we use other static code scanning, primarily SonarQube. But Fortify on Demand is for externally exposed applications.

2018-08-14T07:42:00Z
Learn what your peers think about Micro Focus Fortify on Demand. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,608 professionals have used our research since 2012.