Try our new research platform with insights from 80,000+ expert users

Fortra Tripwire IP360 vs OpenText Dynamic Application Security Testing comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Vulnerability Management (18th), Continuous Threat Exposure Management (CTEM) (2nd)
Fortra Tripwire IP360
Average Rating
7.0
Reviews Sentiment
4.3
Number of Reviews
6
Ranking in other categories
Vulnerability Management (47th)
OpenText Dynamic Applicatio...
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
21
Ranking in other categories
Dynamic Application Security Testing (DAST) (3rd), DevSecOps (10th)
 

Mindshare comparison

Vulnerability Management
Dynamic Application Security Testing (DAST)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Corey Cole - PeerSpot reviewer
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Only the administrator was using the product. He used it to read reports as part of our compliance programs. It wasn't heavily used by a lot of users. The tool comes in at a large scale, and we tried to scale it down. The scaling did not apply to us. It was neither difficult nor easy. I rate the scalability a five out of ten. We had some challenges while scaling it down. It could do 10,000 devices, and we wanted to use it for ten devices. The process was difficult and expensive. We did not need the product anymore.
Navin N - PeerSpot reviewer
Effective scanning of diverse file extensions with fast reporting and issue resolution
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this.  Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"We saw benefits from Zafran Security almost immediately after deploying it."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"Zafran is an excellent tool."
"Tripwire IP360 is a very stable solution."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"We could manage our entire IP range with the solution."
"Technical support has been good."
"The solution is easy to use."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"The user interface is ok and it is very simple to use."
"Guided Scan option allows us to easily scan and share reports."
"It is scalable and very easy to use."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"We need to dedicate time and resources to keep it running."
"I am not very impressed by the technical support."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"The initial setup was complex."
"The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate."
"There are some file extensions, like .SER, that Fortify WebInspect doesn't scan."
"We have often encountered scanning errors."
"I want to enhance automation. Currently, Fortify WebInspect can scan and find vulnerabilities, but users with specific skills need to interpret the results and understand how to address them."
"The scanner could be better."
"Lately, we've seen more false negatives."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
 

Pricing and Cost Advice

Information not available
"I believe the price compares well within the market."
"The product was expensive for us."
"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
"This solution is very expensive."
"The pricing is not clear and while it is not high, it is difficult to understand."
"Our licensing is such that you can only run one scan at a time, which is inconvenient."
"The price is okay."
"It’s a fair price for the solution."
"Fortify WebInspect is a very expensive product."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
862,543 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Computer Software Company
13%
Government
10%
Manufacturing Company
8%
Financial Services Firm
8%
Financial Services Firm
15%
Government
15%
Manufacturing Company
12%
Computer Software Company
12%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...
What needs improvement with Zafran Security?
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...
What is your primary use case for Zafran Security?
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...
What do you like most about Tripwire IP360?
We could manage our entire IP range with the solution.
What is your experience regarding pricing and costs for Tripwire IP360?
The product was expensive for us. It was not cost-effective for how we used it to do the job. We didn't think it was ...
What needs improvement with Tripwire IP360?
It's an enterprise-level tool. If we’re not putting it in everything, it's very expensive to maintain in terms of peo...
What do you like most about Fortify WebInspect?
The solution's technical support was very helpful.
What is your experience regarding pricing and costs for Fortify WebInspect?
The price of Fortify WebInspect is high, with the cost depending on the number of virtual users. It is approximately ...
What needs improvement with Fortify WebInspect?
The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate. The ...
 

Also Known As

No data available
IP360
Micro Focus WebInspect, WebInspect
 

Overview

 

Sample Customers

Information Not Available
1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
Aaron's
Find out what your peers are saying about Qualys, Wiz, Tenable and others in Vulnerability Management. Updated: July 2025.
862,543 professionals have used our research since 2012.