Fortify Application Defender vs GitHub comparison

Fortify Application Defender

Read 94 GitHub reviews

3,586 Views
2,116 Comparison Views

100% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 13, 2025

GitHub and Fortify Application Defender cater to application management, with GitHub leading in development features and community support, while Fortify focuses on advanced security capabilities.

Features: GitHub offers robust version control, exceptional collaboration tools, and a vast ecosystem of integrations, enhancing its usability in diverse projects. Fortify Application Defender is equipped with real-time remediation, dynamic scanning, and software composition analysis, providing strong security for applications.

Room for Improvement: GitHub could enhance security measures, improve project management tools, and address challenges with large file management. Fortify Application Defender needs better support for various code languages, should reduce false positives, and simplify its licensing options.

Ease of Deployment and Customer Service: GitHub, primarily cloud-based, offers significant community support but needs more consistent official support. Fortify Application Defender provides on-premises deployment crucial for specific security needs, yet its customer service requires improvements for larger implementations.

Pricing and ROI: GitHub provides a free tier with affordable professional pricing, ideal for smaller teams. Fortify Application Defender is considered expensive, justified by its thorough security features, making it suitable for enterprises requiring extensive protection.

To learn more, read our detailed Fortify Application Defender vs. GitHub Report (Updated: July 2025).

Fortify Application Defender vs. GitHub

July 2025

Download the complete report

Helped 865,384 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortify Application Defender

Ranking in Application Security Tools

25th

Average Rating

7.8

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

No ranking in other categories

GitHub

Ranking in Application Security Tools

6th

Average Rating

8.8

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Version Control (3rd)

Mindshare comparison

As of August 2025, in the Application Security Tools category, the mindshare of Fortify Application Defender is 0.8%, up from 0.7% compared to the previous year. The mindshare of GitHub is 0.9%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools

Featured Reviews

Saroj-Patnaik

Software Development Engineer 3 at Ernst & Young

Reliable solution with excellent machine learning algorithms but expensive and lacking support

I primarily use Fortify Application Defender to assess whether our products can defend against applications Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications. Fortify Application Defender gives…

Read full review

Kamalanadha Reddy

Senior DevOps Engineer at Simplify3x Software Private Limited

Improved deployment pipeline visibility with generally good support

My primary use case involves working with GitHub for code management. I have extensive experience using it for various tasks, such as creating repositories, managing pull requests, and utilizing GitHub Actions for automating workflows GitHub contributes to efficient project management by…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product saves us cost and time."

"The solution helped us to improve the code quality of our organization."

"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."

"Its ability to find security defects is valuable."

"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."

"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."

"The most valuable feature is that it analyzes data in real-time."

"The most valuable features of Fortify Application Defender are the code packages that are default."

More Fortify Application Defender pros

"The most valuable aspects of GitHub are version control and parallel development. I also appreciate the forking part, which allows us to release a specific set of features to the environment."

"GitHub is easy, secure, and widely documented."

"I like the CI/CD features."

"GitHub have a built-in software application development environment and this has been most useful."

"GitHub's source code management is top-notch. It's easy to inspect changes and visualize code and differences. Their action system is comprehensive in terms of making changes and automation."

"The most valuable features of GitHub are the ease of integration into Microsoft Azure DevOps. The process that you need to deploy into Microsoft Azure becomes fairly simple and the templates are already available, a lot of the engineers find it easier to use."

"I would rate the stability a ten out of ten."

"We use GitHub as a repository."

More GitHub pros

Cons

"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."

"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."

"The licensing can be a little complex."

"The solution is quite expensive."

"I encountered many false positives for Python applications."

"The false positive rate should be lower."

"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."

"Fortify Application Defender gives a lot of false positives."

More Fortify Application Defender cons

"I cannot recall coming across any shortcomings of the product."

"The solution's cost is high and should be reduced."

"I would want to see some form of code security scanning implemented."

"The solution could have better support for the Markdown language."

"The sign in process is a bit difficult."

"There is a bit of a learning curve."

"As of now, if I would like to learn about GitHub or its features, I would have to look on YouTube. It would be nice if they were able to send out a newsletter with explanations of new features that they are offering and what features are available."

"GitHub should provide more integration in their next release, including integrating with Jenkins, CI/CD and Jira."

More GitHub cons

Pricing and Cost Advice

"The price of this solution could be less expensive."

"The base licensing costs for the SaaS platform is about $900 USD per application, per year."

"The licensing is very complex, it's project based and can range from $10,000 to $200,000+ depending on the project type and size."

"The product’s price is much higher than other tools."

"Fortify Application Defender is very expensive."

"I rate the solution's pricing a five out of ten. It comes as an annual cloud subscription. The tool's pricing is around 50 lakhs."

"If there are only 10 people using a particular repository, then GitHub is free. But if we increase the number of users, we need to pay the normal charge for GitHub."

"I haven't had to pay anything for GitHub, I use the free version."

"I use the free version of the tool."

"I am using the free version of the solution. However, there are some costs my organization pays."

"The product is reasonably priced."

"It is open-source. There is no license for GitHub."

"If I consider the market standards, the product's price is pocket-friendly."

"I think, in terms of price, GitHub is okay compared to other tools."

More GitHub pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

865,384 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

17%

Financial Services Firm

16%

Computer Software Company

11%

Government

Computer Software Company

11%

Financial Services Firm

11%

Manufacturing Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortify Application Defender?

I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy.

What needs improvement with Fortify Application Defender?

The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and...

What is your primary use case for Fortify Application Defender?

We use the solution for fast code review. It is integrated into our DevOps pipeline.

What do you like most about GitHub?

The control is the most valuable feature as developers can work on a single code.

What is your experience regarding pricing and costs for GitHub?

I am not aware about the pricing, so I will not be able to give feedback.

What needs improvement with GitHub?

Sometimes we do not get the exact solution, and the suggested solution does not work, so GitHub could improve in that area. We have used GitHub mainly for the code generation part. That is the only...

Checkmarx One vs Fortify Application Defender

Comparisons

Compared 20% of the time

SonarQube Server (formerly SonarQube) vs Fortify Application Defender

Compared 13% of the time

Coverity vs Fortify Application Defender

Compared 13% of the time

Qualys Web Application Scanning vs Fortify Application Defender

Compared 11% of the time

Veracode vs Fortify Application Defender

Compared 9% of the time

More Fortify Application Defender Competitors

Bitbucket vs GitHub

Compared 15% of the time

Snyk vs GitHub

Compared 11% of the time

OpenText Core Application Security vs GitHub

Compared 8% of the time

Atlassian SourceTree vs GitHub

Compared 7% of the time

AWS CodeCommit vs GitHub

Compared 6% of the time

More GitHub Competitors

Product Reports

Application Security Tools

July 2025

Download Fortify Application Defender product report

Download GitHub product report

August 2025

Also Known As

HPE Fortify Application Defender, Micro Focus Fortify Application Defender

No data available

Overview

Micro Focus Security Fortify Application Defender is a runtime application self-protection (RASP) solution that helps you manage and mitigate risk from homegrown or third-party applications. It provides centralized visibility into application use and abuse while protecting from software vulnerability exploits and other violations in real time.

OpenText

GitHub is a web-based Git repository hosting service. It offers all of the distributed revision control and source code management (SCM) functionality of Git as well as adding its own features. Unlike Git, which is strictly a command-line tool, GitHub provides a Web-based graphical interface and desktop as well as mobile integration. It also provides access control and several collaboration features such as bug tracking, feature requests, task management, and wikis for every project.

Sample Customers

ServiceMaster, Saltworks, SAP

Dominion Enterprises, NASA, Braintree, SAP, CyberAgent