We changed our name from IT Central Station: Here's why

Fortify WebInspect vs Micro Focus Fortify on Demand comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Fortify WebInspect vs. Micro Focus Fortify on Demand and other solutions. Updated: January 2022.
563,148 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the static analysis.""The user interface is ok and it is very simple to use.""It is scalable and very easy to use.""The solution is easy to use.""The accuracy of its scans is great.""The solution is able to detect a wide range of vulnerabilities. It's better at it than other products.""Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."

More Fortify WebInspect Pros →

"Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and vulnerabilities in our code is very helpful. We are able to do static and dynamic code scanning.""It's a stable and scalable solution.""Fortify on Demand is easy to use and the reporting is good.""Being able to reduce risk overall is a very valuable feature for us.""The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives.""Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out.""The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for.""It is a very easy tool for developers to use in parallel while they're doing the coding. It does auto scanning as we are progressing with the CI/CD pipeline. It has got very simple and efficient API support."

More Micro Focus Fortify on Demand Pros →

Cons
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved.""It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application.""Lately, we've seen more false negatives.""Creating reports is very slow and it is something that should be improved.""The scanner could be better.""Our biggest complaint about this product is that it freezes up, and literally doesn't work for us.""The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."

More Fortify WebInspect Cons →

"Reporting could be improved.""Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve.""There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes.""The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools.""We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access.""Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read.""We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve.""The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood."

More Micro Focus Fortify on Demand Cons →

Pricing and Cost Advice
  • "The pricing is not clear and while it is not high, it is difficult to understand."
  • "Our licensing is such that you can only run one scan at a time, which is inconvenient."
  • "Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
  • More Fortify WebInspect Pricing and Cost Advice →

  • "It is quite expensive. Pricing and the licensing model could be improved."
  • "It is cost-effective."
  • "Their subscriptions could use a little bit of a reworking, but I am very happy with what they're able to provide."
  • "We are still using the trial version at this point but I can already see from the trial version alone that it is a good product. For others, I would say that Fortify on Demand might look expensive at the beginning, but it is very powerful and so you shouldn't be put off by the price."
  • "The price is fair compared to that of other solutions."
  • "The solution is a little expensive."
  • "We make an annual purchase of the licenses we need."
  • "The solution is expensive and the price could be reduced."
  • More Micro Focus Fortify on Demand Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    563,148 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Top Answer: 
    Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features.
    Top Answer: 
    Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up… more »
    Top Answer: 
    Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and… more »
    Top Answer: 
    Micro Focus Fortify on Demand cannot be run from a Linux Agent. When we are coding the endpoint it will not work, we have to use Windows Agent. This is something they could improve. Currently, when we… more »
    Ranking
    Views
    8,054
    Comparisons
    5,383
    Reviews
    6
    Average Words per Review
    421
    Rating
    7.0
    Views
    25,947
    Comparisons
    18,614
    Reviews
    14
    Average Words per Review
    612
    Rating
    8.0
    Comparisons
    Also Known As
    Micro Focus WebInspect, WebInspect
    Fortify on Demand
    Learn More
    Overview
    Most enterprises rely heavily on the Web to conduct their normal operations, whether providing services, a mechanism for retail sales, or a host of other functions. Yet, most still struggle with efficiently managing their application security risks. For one thing, they need solutions of scale that can be used to manage thousands of active sites and assessments while also tracking discovered vulnerabilities, retesting procedures, and more. They need to perform repeated security tests to address compliance with regulations, legislation, and internal security policies and also see how their risk posture has changed over time. The enterprises have to protect their data, brand, and bottom line from the harsh impacts of what successful vulnerability exploitation could bring. Micro Focus WebInspect Enterprise enables organizations to solve these security problems quickly, efficiently, and intelligently.

    Micro Focus Fortify on Demand’s application security-as-a-service is the easy and flexible way to identify vulnerabilities in your applications without additional investment in software or personnel. Allow our global team to work for you, providing support and technical expertise 24/7.

    Offer
    Learn more about Fortify WebInspect
    Learn more about Micro Focus Fortify on Demand
    Sample Customers
    Aaron's
    SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company33%
    Comms Service Provider14%
    Government12%
    Financial Services Firm9%
    REVIEWERS
    Financial Services Firm30%
    Retailer15%
    Computer Software Company10%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Comms Service Provider15%
    Financial Services Firm13%
    Government7%
    Company Size
    REVIEWERS
    Small Business18%
    Midsize Enterprise9%
    Large Enterprise73%
    REVIEWERS
    Small Business26%
    Midsize Enterprise14%
    Large Enterprise60%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise14%
    Large Enterprise67%
    Find out what your peers are saying about Fortify WebInspect vs. Micro Focus Fortify on Demand and other solutions. Updated: January 2022.
    563,148 professionals have used our research since 2012.

    Fortify WebInspect is ranked 10th in Application Security Testing (AST) with 7 reviews while Micro Focus Fortify on Demand is ranked 4th in Application Security Testing (AST) with 14 reviews. Fortify WebInspect is rated 7.0, while Micro Focus Fortify on Demand is rated 8.0. The top reviewer of Fortify WebInspect writes "Good reporting and vulnerability management, but needs better performance and resource utilization". On the other hand, the top reviewer of Micro Focus Fortify on Demand writes "Makes it easy to discover hidden vulnerabilities in our open source libraries". Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, OWASP Zap, Veracode, HCL AppScan and Qualys Web Application Scanning, whereas Micro Focus Fortify on Demand is most compared with SonarQube, Checkmarx, Veracode, Coverity and HCL AppScan. See our Fortify WebInspect vs. Micro Focus Fortify on Demand report.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.