No more typing reviews! Try our Samantha, our new voice AI agent.
FortiDevSec Logo

FortiDevSec Reviews

Vendor: Fortinet
4.5 out of 5
Leave a review

What is FortiDevSec?

FortiDevSec enhances application security by integrating seamlessly into development pipelines, facilitating early threat detection and mitigation. It supports continuous delivery models and ensures robust application defenses while maintaining efficient development workflows.

Get the Static Application Security Testing (SAST) Buyer's Guide and find out what your peers are saying about FortiDevSec, SonarQube, Snyk and more!
FortiDevSec is the #23 ranked solution in AST tools and #48 ranked solution in top Vulnerability Management solutions. PeerSpot users give FortiDevSec an average rating of 9.0 out of 10. FortiDevSec is most commonly compared to SonarQube: FortiDevSec vs SonarQube. FortiDevSec is popular among the midsize enterprise segment, accounting for 35% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a construction company, accounting for 26% of all views.
Buyer's Guide
Static Application Security Testing (SAST)
May 2026
Get the category report
Helped 900,644 peers since 2012

FortiDevSec mindshare

Product category:
Static Application Security Testing (...
As of June 2026, the mindshare of FortiDevSec in the Static Application Security Testing (SAST) category stands at 0.7%, up from 0.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Mindshare Distribution
ProductMindshare (%)
FortiDevSec0.7%
SonarQube14.5%
Checkmarx One9.2%
Other75.6%
Static Application Security Testing (SAST)
 
 
Key learnings from peers

Valuable Features

  • "In a customer environment, developers integrate their code with CI/CD pipelines. Most developers use cloud platforms like AWS or Azure and project management tools. FortiDevSec integrates with these CI/CD pipelines using agents such as YAML files. Once integrated, FortiDevSec scans the source code using our product or within the IDE."

Room for Improvement

  • "The only drawback I see with FortiDevSec is the lack of extensions."
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Static Application Security Testing (SAST) Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Construction Company
26%
Outsourcing Company
9%
Comms Service Provider
9%
Government
7%
University
7%
Recreational Facilities/Services Company
7%
Manufacturing Company
6%
Media Company
4%
Wholesaler/Distributor
3%
Retailer
3%
Legal Firm
1%
Marketing Services Firm
1%
Educational Organization
1%
Non Profit
1%
Insurance Company
1%
Pharma/Biotech Company
1%
Real Estate/Law Firm
1%
Hospitality Company
1%
Financial Services Firm
1%
Computer Software Company
1%
Transportation Company
1%
Healthcare Company
1%
Logistics Company
1%

Compare FortiDevSec with alternative products

Go!

Learn more about FortiDevSec

By embedding security into DevOps processes, FortiDevSec allows teams to address vulnerabilities during development. It automates security assessments, offering insights that help in reducing risk and improving compliance. Its integration capabilities streamline application security without disrupting developer productivity.

What are the key features of FortiDevSec?
  • Continuous Integration: Automates security checks within development workflows.
  • Comprehensive Analysis: Provides multi-vector scanning for thorough threat detection.
  • Risk-Based Prioritization: Identifies and prioritizes critical vulnerabilities.
  • Integration Compatibility: Easy integration with existing CI/CD tools.
What benefits can users expect from FortiDevSec?
  • Enhanced Security: Improves application protection by identifying security threats early.
  • Increased Efficiency: Reduces manual security assessment time with automation.
  • Compliance Support: Aids in aligning with industry security standards.
  • Cost Effectiveness: Minimizes costs associated with post-production vulnerability fixes.

Industries implementing FortiDevSec like finance and healthcare benefit from its ability to meet strict regulatory standards while ensuring secure and rapid application deployment. It supports integration into existing workflows, making it a valuable tool for maintaining compliance and protecting sensitive data.

Related questions

  • 324
What Application Security Solution Do You Use That Is DevOps Friendly?
  • 61
Which is the most comprehensive open source Web Security Testing tool?
  • 87
What is the best Application Security Testing platform?
  • 82
When evaluating Application Security Testing, what aspect do you think is the most important to look for?
  • 121
SAST vs. DAST: Which is better for application security testing?
  • 99
What tools do you rely on for building a DevSecOps pipeline?
  • 190
What does the Log4j/Log4Shell vulnerability mean for your company?
  • 126
Checkmarx or Veracode. Which should we choose?
  • 247
What are your recommended automated penetration testing tools?
  • 100
What are the OWASP top 10 in 2020?

Product Categories

Product Categories
Static Application Security Testing (SAST)
Vulnerability Management
Fortinet Cloud Security

Popular Comparisons

Popular Comparisons
SonarQube vs FortiDevSec Logo
SonarQube vs FortiDevSec
Snyk vs FortiDevSec Logo
Snyk vs FortiDevSec
Checkmarx One vs FortiDevSec Logo
Checkmarx One vs FortiDevSec
Tenable Security Center vs FortiDevSec Logo
Tenable Security Center vs FortiDevSec
FortiCNAPP vs FortiDevSec Logo
FortiCNAPP vs FortiDevSec
OpenText Core Application Security vs FortiDevSec Logo
OpenText Core Application Security vs FortiDevSec
The NodeZero Platform by Horizon3.ai vs FortiDevSec Logo
The NodeZero Platform by Horizon3.ai vs FortiDevSec
Qualys Web Application Scanning vs FortiDevSec Logo
Qualys Web Application Scanning vs FortiDevSec
Aikido Security vs FortiDevSec Logo
Aikido Security vs FortiDevSec
SentinelOne Singularity Identity vs FortiDevSec Logo
SentinelOne Singularity Identity vs FortiDevSec
Vicarius vRx vs FortiDevSec Logo
Vicarius vRx vs FortiDevSec
Contrast Security Assess vs FortiDevSec Logo
Contrast Security Assess vs FortiDevSec
Fortify Software Security Center vs FortiDevSec Logo
Fortify Software Security Center vs FortiDevSec
Defense.com vs FortiDevSec Logo
Defense.com vs FortiDevSec
See all alternatives
 
FortiDevSec Reviews Summary
Author infoRatingReview Summary
Founder at Cipheroot4.5I find FortiDevSec valuable for integrating with CI/CD pipelines using simple YAML files, enabling easy vulnerability scanning and report generation. However, its main drawback is the lack of extensions, despite its straightforward integration with cloud platforms like AWS or Azure.
MohammedJaffir - PeerSpot reviewer
MohammedJaffir
Founder at Cipheroot
Apr 10, 2024
Scans codes in CI/CD pipelines and identifies vulnerabilities

What is most valuable?



In a customer environment, developers integrate their code with CI/CD pipelines. Most developers use cloud platforms like AWS or Azure and project management tools. FortiDevSec integrates with these CI/CD pipelines using agents such as YAML files. Once integrated, FortiDevSec scans the source code using our product or within the IDE.

The most valuable feature is the ability to identify known vulnerabilities in applications by generating reports easily. This development gamification is very useful for developers. Compared to TechSmart and Fortify, FortiDevSec has similar features, but it is much easier to use because of its simple setup. SysTrack, for example, is not very simple.

For the CI/CD pipeline, we only need to integrate a YAML file into the security process. Compared to other products, the tool requires fewer steps. We must integrate one file with the CI/CD pipeline, automatically pulling the code report to the repository. Using our API and username, it is easy to scan the environment.

The tool's integration is also easy.


What needs improvement?



The only drawback I see with FortiDevSec is the lack of extensions.


For how long have I used the solution?



I have been using the product for five months. 


What do I think about the stability of the solution?



We haven't faced any performance issues.


What do I think about the scalability of the solution?



Based on management, there are 20-30 developers in the company. Developers use most of the CI/CD functionality. I think more than four to five people are using this product.


How are customer service and support?



We have resolved the issues ourselves. 


How was the initial setup?



The solution is completely easy to set up in our environment. We must purchase the product, get the approval license, and integrate it. FortiDevSec is cloud-based, not on-prem, making it straightforward to integrate and use. It doesn't require maintenance and can be deployed in a few hours. 


What other advice do I have?



We have implemented FortiDevSec for one customer for a year. It has been implemented successfully, and we haven't received any complaints from them. Since it's been used by only one customer, if we manage the product for multiple customers, we might be able to identify any potential problems. But until now, I can't say there are any issues.

I would recommend it since it's user-friendly. I rate the overall product a nine out of ten.