We performed a comparison between Fortify on Demand and Sonatype Repository Firewall based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's a stable and scalable solution."
"Speed and efficiency are great features."
"Audit workbench: for on-the-fly defect auditing."
"The installation was easy."
"The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"The SAST feature is the most valuable."
"We have the option to test applications with or without credentials."
"The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"Fortify on Demand could be improved with support in Russia."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"The tool needs to improve its file systems. The product should also include zero test feature."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Sonatype Repository Firewall is ranked 31st in Application Security Tools with 3 reviews. Fortify on Demand is rated 8.0, while Sonatype Repository Firewall is rated 8.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Sonatype Repository Firewall writes "You will get clean code every time, and that's a great achievement". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas Sonatype Repository Firewall is most compared with JFrog Xray, Cisco Secure Firewall, GitHub, Black Duck and Snyk. See our Fortify on Demand vs. Sonatype Repository Firewall report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
