We performed a comparison between Fortify on Demand and Tenable.io Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have the option to test applications with or without credentials."
"The user interface is good."
"The most valuable feature of Micro Focus Fortify on Demand is the information it can provide. There is quite a lot of information. It can pinpoint right down to where the problem is, allowing you to know where to fix it. Overall the features are easy to use, you don't have to be a coder. You can be a manager, or in IT operations, et cetera, anyone can use it. It is quite a well-rounded functional solution."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"It is a very easy tool for developers to use in parallel while they're doing the coding. It does auto scanning as we are progressing with the CI/CD pipeline. It has got very simple and efficient API support."
"Speed and efficiency are great features."
"Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and vulnerabilities in our code is very helpful. We are able to do static and dynamic code scanning."
"The most effective feature of the product is the ability to scan the entire environment."
"We can get detailed information about vulnerabilities."
"Tenable provides the end analysis results covering all the published vulnerabilities and information on the market."
"The solution's instant reports feature is the most effective for detecting threats."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"It is fully automated."
"All the features are valuable to us as they offer cutting-edge scanning methods and address the latest issues with a contemporary approach. Tenable.io Web Application Scanning is highly stable. I rate it a nine out ten. Since the solution works on the Cloud, it's highly scalable. I rate the scalability a nine out of ten. The setup of the solution is straightforward. The Return on Investment is substantial. I recommend the solution to all."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers."
"There is room for improvement in the integration process."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"It isn't easy to manage vulnerabilities in Tenable."
"The cloud and the on-premises versions have their own controllers, and there is no way to centrally manage controllers."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"The report customization needs to be better."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"The reporting has a very limited customization capability."
"The platform's technical support services could be better."
More Tenable.io Web Application Scanning Pricing and Cost Advice →
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Tenable.io Web Application Scanning is ranked 24th in Application Security Tools with 14 reviews. Fortify on Demand is rated 8.0, while Tenable.io Web Application Scanning is rated 7.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Tenable.io Web Application Scanning writes "Highly Recommended Solution with Latest Scanning Methods". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and GitHub Advanced Security, whereas Tenable.io Web Application Scanning is most compared with Acunetix, SonarQube, Qualys Web Application Scanning, PortSwigger Burp Suite Professional and Invicti. See our Fortify on Demand vs. Tenable.io Web Application Scanning report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.