We performed a comparison between Check Point CloudGuard WAF and Fortify on Demand based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I find the configuration and real-time monitoring features valuable."
"It seamlessly protects through machine learning, giving us visibility into potential attacks and where they come from."
"The portal is quite intuitive."
"Its ability to adapt to our applications and ensure our security policies are followed is a big plus."
"The features I have found most valuable are the comprehensive threat prevention capabilities, automated policy management, and seamless integration with cloud environments."
"The tool's most valuable feature is AI, which makes operations easier. Moreover, it is easy to deploy."
"It is a very scalable and stable solution."
"On the endpoint side, the most valuable feature is undoubtedly the cloud-based management capability, along with the ransomware protection, despite not encountering any instances so far."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"Provides good depth of scanning and we get good results."
"It is a very easy tool for developers to use in parallel while they're doing the coding. It does auto scanning as we are progressing with the CI/CD pipeline. It has got very simple and efficient API support."
"The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities. It is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it."
"The SAST feature is the most valuable."
"The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"The vulnerability detection and scanning are awesome features."
"For the next release, I would suggest considering features like enhanced threat intelligence integration."
"I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service."
"CloudGuard for Application Security, like the other Check Point applications, has been presenting major latency problems when entering their administrative portal."
"Improving the process for handling licensing renewals would be a welcome enhancement."
"I have encountered issues with Check Point CloudGuard Application Security's technical support. It also has missing configuration features."
"One of the big problems we found in Check Point, in general, is the support."
"There are occasions when it interfaces with other systems, leading to a loss of visibility."
"They should improve in the delivery of more detailed reports with more information."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"We have some stability issues, but they are minimal."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"I would like the solution to add AI support."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
Check Point CloudGuard WAF is ranked 12th in Application Security Tools with 28 reviews while Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews. Check Point CloudGuard WAF is rated 8.8, while Fortify on Demand is rated 8.0. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". Check Point CloudGuard WAF is most compared with SonarQube and Checkmarx One, whereas Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect. See our Check Point CloudGuard WAF vs. Fortify on Demand report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.