Fortify Application Defender Reviews

Fortify Application Defender's most valuable features include real-time data analysis, security defect identification, simple user interface, static code analysis, automatic vulnerability notifications, machine learning algorithms, and rule customization. It integrates easily with code repositories and CI/CD pipelines and offers fast scanning. The tool provides specific application defense, helpful information for issue resolution, and software composition analysis, enhancing security assessments and saving cost and time. Its rule configuration and default code packages are also appreciated.

• "We are able to provide our customers with a secure application after development; they are no longer left wondering if they are vulnerable to different threats within the market following deployment."
• "The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
• "Fortify Application Defender has a few drawbacks, it has its own pros and cons, but it's a good tool to use in any industry."

Fortify Application Defender lacks support for older compilers and IDEs, limiting its compatibility with legacy systems. It struggles with performance, complex licensing, and offers inadequate technical support. The tool's false positive rate is high, especially for Python. It lacks support for additional programming languages and platforms like Python and GRAAS. It should integrate better with code review tools and improve scanning speed. Integration with Azure DevOps Marketplace would enhance usability.

• "The licensing is very complex, it's project based and can range from $10,000 to $200,000+ depending on the project type and size."
• "The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
• "Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."