Fortify on Demand vs Seeker comparison

Fortify on Demand
Read 57 Fortify on Demand reviews
  • 9,788 Views
  • 7,210 Comparison Views
90% willing to recommend
Seeker
Read 1 Seeker review
  • 801 Views
  • 598 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Fortify on Demand and Seeker based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: June 2024).
Buyer's Guide
Static Application Security Testing (SAST)
June 2024
Download the complete report
Helped 787,779 peers since 2012
 

Categories and Ranking

Fortify on Demand
Ranking in Static Application Security Testing (SAST)
9th
Average Rating
8.0
Number of Reviews
57
Ranking in other categories
Application Security Tools (8th)
Seeker
Ranking in Static Application Security Testing (SAST)
25th
Average Rating
7.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2024, in the Static Application Security Testing (SAST) category, the mindshare of Fortify on Demand is 4.8%, up from 3.7% compared to the previous year. The mindshare of Seeker is 0.6%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
Unique Categories:
Application Security Tools
5.7%
No other categories found
 

Featured Reviews

AM
Oct 31, 2023
A highly trusted and comprehensive application security testing solution, known for its seamless integration, advanced technical capabilities, and reliability
We use it to scan the bank's applications systematically. This process aims to identify and address security vulnerabilities within the applications, ensuring the robustness of our security measures It stands out by generating fewer false positives which has a distinct advantage, as it translates…
Read full review
San K - PeerSpot reviewer
Nov 7, 2022
More effective than dynamic scanners, but is missing useful learning capabilities
One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need. The purposes for which applications are designed may differ in practice in the industry, and because of this, there will always be tools that sometimes report false positives. Thus, there should be some means with which I can customize the way that Seeker learns about our applications, possibly by using some kind of AI / ML capability within the tool that will automatically reduce the number of false positives that we get as we use the tool over time. Obviously, when we first start using the scanning tool there will be false positives, but as it keeps going and as I keep using the tool, there should be a period of time where either the application can learn how to ignore false positives, or I can customize it do so. Adding this type of functionality would definitely prevent future issues when it comes to reporting false positives, and this is a key area that we have already asked the vendor to improve on, in general. On a different note, there is one feature that isn't completely available right now where you can integrate Seeker with an open-source vulnerability scanner or composition analysis tool such as Black Duck. I would very much like this capability to be available to us out-of-the-box, so that we can easily integrate with tools like Black Duck in such a way that any open source components that are used in the front-end are easily identified. I think this would be a huge plus for Seeker. Another feature within Seeker which could benefit from improvement is active verification, which lets you actively verify a vulnerability. This feature currently doesn't work in certain applications, particularly in scenarios where you have requested tokens. When we bought the tool, we didn't realize this and we were not told about it by the vendor, so initially it was a big challenge for us to overcome it and properly begin our deployment.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Fortify helps us to stay updated with the newest languages and versions coming out."
"The most valuable features are the server, scanning, and it has helped identify issues with the security analysis."
"Speed and efficiency are great features."
"Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"Fortify on Demand is easy to use and the reporting is good."
"The feature that I find the most useful is being able to just see the vulnerabilities online while checking the code and then checking suggestions for fixing them."
"One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed."
More Fortify on Demand pros
"A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
 

Cons

"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"Fortify on Demand could be improved with support in Russia."
"The technical support is actually a problem that needs to be addressed. Since the acquisition and merger with Hewlett Packard, it has been really hard to know who the technical or salesperson to talk to."
"The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools."
"Micro Focus Fortify on Demand could improve the reports. They could benefit from being more user-friendly and intuitive."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
"Fortify on Demand needs to improve its pricing."
More Fortify on Demand cons
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
 

Pricing and Cost Advice

"I'd rate it an eight out of ten in terms of pricing."
"Fortify on Demand is moderately priced, but its pricing could be more flexible."
"Their subscriptions could use a little bit of a reworking, but I am very happy with what they're able to provide."
"The price is fair compared to that of other solutions."
"We make an annual purchase of the licenses we need."
"Fortify on Demand is more expensive than Burpsuite. I rate its pricing a nine out of ten."
"Despite being on the higher end in terms of cost, the biggest value lies in its abilities, including robust features, seamless integration, and high-quality findings."
"The product's cost depends on the type of license."
More Fortify on Demand pricing and cost advice
"The licensing for Seeker is user-based and for 50 users I believe it costs about $70,000 per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
See recommendations
787,779 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
14%
Manufacturing Company
11%
Government
8%
Financial Services Firm
26%
Computer Software Company
17%
Manufacturing Company
11%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Micro Focus Fortify on Demand?
It helps deploy and track changes easily as per time-to-time market upgrades.
See all answers
What is your experience regarding pricing and costs for Micro Focus Fortify on Demand?
Fortify on Demand is more expensive than Burpsuite. I rate its pricing a nine out of ten.
See all answers
What needs improvement with Micro Focus Fortify on Demand?
Fortify on Demand needs to improve its pricing.
See all answers
What do you like most about Seeker?
A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppSca...
See all answers
What is your experience regarding pricing and costs for Seeker?
The licensing for Seeker is user-based and for 50 users I believe it costs about $70,000 per year.
See all answers
What needs improvement with Seeker?
One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. Ho...
See all answers
 

Comparisons

SonarQube vs Fortify on Demand Logo
SonarQube vs Fortify on Demand
Compared 19% of the time
Veracode vs Fortify on Demand Logo
Veracode vs Fortify on Demand
Compared 15% of the time
Checkmarx One vs Fortify on Demand Logo
Checkmarx One vs Fortify on Demand
Compared 15% of the time
Coverity vs Fortify on Demand Logo
Coverity vs Fortify on Demand
Compared 9% of the time
Fortify WebInspect vs Fortify on Demand Logo
Fortify WebInspect vs Fortify on Demand
Compared 5% of the time
More Fortify on Demand Competitors
Synopsys API Security Testing vs Seeker Logo
Synopsys API Security Testing vs Seeker
Compared 21% of the time
Coverity vs Seeker Logo
Coverity vs Seeker
Compared 20% of the time
Contrast Security Assess vs Seeker Logo
Contrast Security Assess vs Seeker
Compared 17% of the time
SonarQube vs Seeker Logo
SonarQube vs Seeker
Compared 11% of the time
Polaris Software Integrity Platform vs Seeker Logo
Polaris Software Integrity Platform vs Seeker
Compared 10% of the time
More Seeker Competitors
 

Product Reports

Buyer's Guide
Fortify on Demand
June 2024
Fortify on Demand reportDownload Fortify on Demand product report
Buyer's Guide
Static Application Security Testing (SAST)
June 2024
Seeker reportDownload Seeker product report
 

Also Known As

Micro Focus Fortify on Demand
No data available
 

Learn More

OpenText
Synopsys
 

Overview

Fortify on Demand is a web application security testing tool that enables continuous monitoring. The solution is designed to help you with security testing, vulnerability management and tailored expertise, and is able to provide the support needed to easily create, supplement, and expand a software security assurance program without the need for additional infrastructure or resources.

Fortify on Demand Features

Fortify on Demand has many valuable key features. Some of the most useful ones include:

  • Deployment flexibility
  • Scalability
  • Built for DevSecOps
  • Ease of use
  • Supports 27+ languages
  • Real-time vulnerability identification with
  • Security Assistant
  • Actionable results in less than 1 hour for most applications with DevOps automation
  • Expanded coverage, accuracy and remediation details with IAST runtime agent
  • Continuous application monitoring of production applications
  • Virtual patches
  • Supports iOS and Android mobile applications
  • Security vulnerability identification
  • Behavioral and reputation analysis

Fortify on Demand Benefits

There are several benefits to implementing Fortify on Demand. Some of the biggest advantages the solution offers include:

  • Fast remediation: With Fortify on Demand you can achieve fast remediation throughout the software lifecycle with robust assessments by a team of security experts.
  • Easy integration: The solution’s integration ecosystem is easy to use, creating a more secure software supply chain.
  • Security testing: Fortify on Demand covers in-depth mobile app security testing, open-source analysis, and vendor application security management, in addition to static and dynamic testing.

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortify on Demand solution.

Dionisio V., Senior System Analyst at Azurian, says, "One of the top features is the source code review for vulnerabilities. When we look at source code, it's hard to see where areas may be weak in terms of security, and Fortify on Demand's source code review helps with that." He goes on to add, “Another reason I like Fortify on Demand is because our code often includes open source libraries, and it's important to know when the library is outdated or if it has any known vulnerabilities in it. This information is important to us when we're developing our solutions and Fortify on Demand informs us when it detects any vulnerable open source libraries.”

A Security Systems Analyst at a retailer mentions, “Being able to reduce risk overall is a very valuable feature for us.”

Jayashree A., Executive Manager at PepsiCo, comments, “Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and vulnerabilities in our code is very helpful. We are able to do static and dynamic code scanning. When we are exploring some of the endpoints this solution identifies many loopholes that hackers could utilize for an attack. This has been very helpful and surprising how many vulnerabilities there can be.”

A Principal Solutions Architect at a security firm explains, “Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out.”

PeerSpot user Mamta J., Co-Founder at TechScalable, states, "Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much."

Seeker®, interactive application security testing (IAST) solution, gives you unparalleled visibility into your modern web, cloud based and microservices based app security posture. It automatically verifies, prioritizes and reports on critical vulnerabilities in real time. It identifies vulnerability trends against compliance standards (e.g., OWASP Top 10, PCI DSS, GDPR, CAPEC, and CWE/SANS Top 25). Seeker enables security teams to identify and track sensitive data to ensure that it is handled securely and not stored in log files or databases with weak or no encryption. Seeker’s seamless integration into CI/CD workflows enables fast interactive application security testing at DevOps speed.
 

Sample Customers

SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.
El Al Airlines and Société Française du Radiotelephone
Buyer's Guide
Static Application Security Testing (SAST)
June 2024
Download Free Report
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: June 2024.
DOWNLOAD NOW
787,779 professionals have used our research since 2012.
See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.