Find out what your peers are saying about Veracode, OpenText, Checkmarx and others in Static Code Analysis.
Through the use of Tenable Security Center, my clients achieve more efficient patching and gain visibility and understanding of security operations, leading to improved resilience and infrastructure insight.
The technical support has been good because we always received answers to our questions.
The customer service and support for Fortify Static Code Analyzer are better than those for LoadRunner.
Longer response times and less thorough assistance.
Fortify Static Code Analyzer integrates well and is scalable.
I can scale it extensively with the use of agents, allowing scanning in restrictive environments and loosely connected devices.
Scalability is a bit limited with Tenable Security Center.
The stability of Fortify Static Code Analyzer is generally good.
I would rate the product stability as an eight.
The stability of the solution is outstanding.
We are not ready to transfer our code without control to AI instruments.
While it includes all the OWASP top factors, AI has come into the picture, so those updates should also be considered.
It should be easier to install, perhaps through a container-based approach where everything is combined into one image or pack of containers.
It's important for Tenable to catch up on testing capabilities that are present in solutions like Qualys.
The reports and plugins for reports and scans could benefit from enhancements.
Translating reports into European languages is especially relevant in Central Eastern Europe, where clients often require reports in local languages.
My experience with the pricing, setup costs, and licensing has been good.
The pricing of Fortify Static Code Analyzer is good, with a flexible model that allows customers to choose a setup that suits their needs.
Tenable Security Center is quite expensive, particularly for the CEE region, causing us to lose cases due to its pricing.
The product is somewhat pricey, reflecting its valuable features and status as a high-quality solution in the vulnerability management market.
The cost of Tenable Security Center is reasonable for our company.
Fortify Static Code Analyzer has the capability of giving fewer false positives compared to other tools.
The most valuable feature of Fortify Static Code Analyzer is its extensive language support, covering many languages from legacy ones to the newest.
The most impactful feature of Fortify Static Code Analyzer in identifying vulnerabilities is the ratio of total number of vulnerabilities to false positives.
Tenable Security Center provides an overall score of vulnerabilities, comparing an organization with others in the same industry.
The most valuable features of Tenable Security Center for my clients are Vulnerability Priority Rating (VPR) and Asset Criticality Scoring.
The most effective feature of Tenable Security Center for detecting vulnerabilities is its capability for critical mapping.
OpenText Static Application Security Testing empowers teams with efficient vulnerability detection and streamlined secure coding practices, offering comprehensive language support and seamless integration with development tools.
OpenText Static Application Security Testing enhances software security during development by accurately identifying vulnerabilities with minimal false positives. It integrates seamlessly with IDEs and CI/CD pipelines, making it highly efficient for early detection of security issues. Users benefit from its easy setup, clear documentation, and centralized portal for managing security findings. Despite facing challenges like high costs and complex configurations for certain languages, its role in facilitating compliance and streamlining secure coding processes is indispensable. Improvements are needed in areas such as outdated design, language support, and integration capabilities to meet evolving user expectations.
What features does OpenText Static Application Security Testing offer?Organizations across diverse sectors implement OpenText Static Application Security Testing primarily to secure applications during development phases. Its integration with tools like GitLab, Jenkins, and Azure DevOps ensures a robust security pipeline. By combining with Sonatype Nexus, secure code, and library management is achieved effectively.
Get a risk-based view of your IT, security and compliance posture so you can quickly identify, investigate and prioritize your most critical assets and vulnerabilities.
Managed on-premises and powered by Nessus technology, the Tenable Security Center (formerly Tenable.sc) suite of products provides the industry’s most comprehensive vulnerability coverage with real-time continuous assessment of your network. It’s your complete end-to-end vulnerability management solution.
We monitor all Static Code Analysis reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
