We performed a comparison between Fortify on Demand and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is user-friendly."
"It's a stable and scalable solution."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"The most valuable feature is that it connects with your development platforms, such as Microsoft Information Server and Jira."
"It is an extremely robust, scalable, and stable solution."
"Fortify on Demand can be scaled very easily."
"It helps deploy and track changes easily as per time-to-time market upgrades."
"We have the option to test applications with or without credentials."
"It scans all the components developed within a web application."
"I would say that it is stable, as I am not aware of any major issues."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"The initial deployment is very straightforward and simple. The product is stable if configured properly."
"There are lots of limitations with code technology. It cannot scan .net properly either."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
"The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools."
"It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"Not fully integrated with CIT processes."
"Integration could be better."
"The enterprise interface is too simple. It should be more customizable."
"The tech support is responsive but issues remain unresolved."
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"It needs better integration with mobile applications."
"There are some glitches with stability, and it is an area for improvement."
"The dashboard and interface are crucial and they need some improvement."
Fortify on Demand is ranked 9th in Application Security Testing (AST) with 55 reviews while Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews. Fortify on Demand is rated 8.0, while Rapid7 AppSpider is rated 7.8. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". Fortify on Demand is most compared with SonarQube, Checkmarx, Veracode, Coverity and Fortify WebInspect, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Tenable.io Web Application Scanning and Invicti. See our Fortify on Demand vs. Rapid7 AppSpider report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.