We performed a comparison between Fortify Application Defender and Fortify on Demand based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its ability to find security defects is valuable."
"The most valuable feature is that it analyzes data in real-time."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"The solution helped us to improve the code quality of our organization."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"The product saves us cost and time."
"It is a very easy tool for developers to use in parallel while they're doing the coding. It does auto scanning as we are progressing with the CI/CD pipeline. It has got very simple and efficient API support."
"The user interface is good."
"It is an extremely robust, scalable, and stable solution."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira."
"Speed and efficiency are great features."
"Being able to reduce risk overall is a very valuable feature for us."
"I encountered many false positives for Python applications."
"Fortify Application Defender gives a lot of false positives."
"Support for older compilers/IDEs is lacking."
"The workbench is a little bit complex when you first start using it."
"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."
"The licensing can be a little complex."
"The solution is quite expensive."
"The false positive rate should be lower."
"We have some stability issues, but they are minimal."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"Micro Focus Fortify on Demand could improve the reports. They could benefit from being more user-friendly and intuitive."
"There are many false positives identified by the solution."
"Fortify on Demand could be improved with support in Russia."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"Takes up a lot of resources which can slow things down."
Fortify Application Defender is ranked 30th in Application Security Tools with 11 reviews while Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews. Fortify Application Defender is rated 7.8, while Fortify on Demand is rated 8.0. The top reviewer of Fortify Application Defender writes "Useful for fast code review in devOps pipelines ". On the other hand, the top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". Fortify Application Defender is most compared with Checkmarx One, CAST Application Intelligence Platform, Coverity, SonarQube and Veracode, whereas Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect. See our Fortify Application Defender vs. Fortify on Demand report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.