We performed a comparison between Fortify Application Defender and Fortify on Demand based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"Its ability to find security defects is valuable."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The product saves us cost and time."
"The solution helped us to improve the code quality of our organization."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The most valuable feature is that it analyzes data in real-time."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"The solution is user-friendly."
"The installation was easy."
"It helps deploy and track changes easily as per time-to-time market upgrades."
"Speed and efficiency are great features."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"The workbench is a little bit complex when you first start using it."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"Support for older compilers/IDEs is lacking."
"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."
"The false positive rate should be lower."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"The licensing can be a little complex."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
"We have some stability issues, but they are minimal."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
Fortify Application Defender is ranked 34th in Application Security Tools with 11 reviews while Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews. Fortify Application Defender is rated 7.8, while Fortify on Demand is rated 8.0. The top reviewer of Fortify Application Defender writes "Reliable solution with excellent machine learning algorithms but expensive and lacking support". On the other hand, the top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". Fortify Application Defender is most compared with Checkmarx One, Coverity, CAST Application Intelligence Platform, SonarQube and Veracode, whereas Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect. See our Fortify Application Defender vs. Fortify on Demand report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
