Fortify Software Security Center Reviews

Name: Fortify Software Security Center
Brand: OpenText
Rating: 4.0 (8 reviews)

Vendor: OpenText

4.0 out of 5

8 reviews
100% willing to recommend

Leave a review

What is Fortify Software Security Center?

Software Security Center enables management, development, and security teams to work together to triage, track, validate, automate, and manage software security activities.

Get the Static Application Security Testing (SAST) Buyer's Guide and find out what your peers are saying about Fortify Software Security Center, SonarQube, Snyk and more!

Fortify Software Security Center is the #21 ranked solution in AST tools. PeerSpot users give Fortify Software Security Center an average rating of 8.0 out of 10. Fortify Software Security Center is most commonly compared to SonarQube: Fortify Software Security Center vs SonarQube. Fortify Software Security Center is popular among the large enterprise segment, accounting for 54% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a manufacturing company, accounting for 18% of all views.

Buyer's Guide

Static Application Security Testing (SAST)

November 2025

Get the category report

Helped 879,259 peers since 2012

Featured Fortify Software Security Center reviews

Diego Caicedo Lescano

Chief Innovation Officer at SAGGA

The main use case for Fortify Software Security Center is exceptional because we have governance and control through that console. You can centralize both static analysis and dynamic analysis, and correlate both analyses in one tool to get better results by combining those independent results from each solution. That is outstanding, and there is no tool I have seen on the market that offers these capabilities. I appreciate the interoperability with other solutions from Fortify Software Security Center. Because we are using Kiuwan, you can run Kiuwan analyses and integrate them with Fortify Software Security Center to get those results in a single console. That is a good console for centralizing things in one point. That is one of the best features of the on-premises Fortify.

Read full review

Jonathan Steyn

Principal Technical Consultant at EOH

Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances. WebInspect supports a number of APIs and web endpoints. I find its feature of macro recording allows for testing vulnerabilities during multi-factor authentication sessions very valuable. I appreciate the ability to further analyze data with tools like Audit Workbench.

Read full review

善鴻鄭

Sales Manager at Pbland

It's very important because they want to scan their source code every day, so we provide CICD integration to our customers so they can auto build and auto test every day, get reports, and fix issues. I combine an issue tracking system, and if they scan some violations, I send an issue to the code owner. When they get the issue report, they can fix it. I tell my customers they must scan their code every day and fix it every day, and then their quality will improve. That is our concept for improving overall software quality and compliance standards. Continuous deployment regarding updates has been helpful for our implementation.

Read full review

Fortify Software Security Center mindshare

As of December 2025, the mindshare of Fortify Software Security Center in the Static Application Security Testing (SAST) category stands at 0.7%, up from 0.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Static Application Security Testing (SAST) Market Share Distribution
Product	Market Share (%)
Fortify Software Security Center	0.7%
SonarQube	19.8%
Checkmarx One	10.3%
Other	69.2%

Static Application Security Testing (SAST)

Key learnings from peers

Last updated Nov 16, 2025

Valuable Features

Fortify Software Security Center offers valuable features like useful reporting, customizable testing against conventions, integration into CI/CD processes, combining static and dynamic analysis, and interoperability with other solutions. Users find the Fortify audit workbench and collaboration module effective for identifying vulnerabilities. WebInspect's macro recording and the ability to update tool rule packs are appreciated. It centralizes analyses, enhancing governance and control, allowing continuous deployment and tracking for improved software quality and compliance standards.

"It's very important because they want to scan their source code every day, so we provide CICD integration to our customers so they can auto build and auto test every day, get reports, and fix issues."
"The main use case for Fortify Software Security Center is exceptional because we have governance and control through that console."
"I like the explanation of issues provided by Fortify Software Security Center."

Room for Improvement

Fortify Software Security Center faces difficulties in implementation and lacks user-friendly processes. Users find the documentation unclear and technical support response times slow. Improvements are needed for integration with tools like Jira. False positives are a concern, and enhanced report saving options would aid in data management. The dashboard could be more intuitive. Some users desire advanced features like trend analysis and greater customization, while others look for reduced false positive rates in newer versions.

"The support for Fortify on-premises is the same as for the other products. I would say the support is not good and I would rate it a three out of ten."
"I am not satisfied with the percentage of false positives, which is around eighteen percent."
"Improvements needed for Software Security Center include better aggregation views of datasets."

Pricing

Fortify Software Security Center's pricing is perceived as high by several users, though some find it fair compared to similar solutions. It's noted as slightly more expensive but justified by the service level. Licensing initially posed verification challenges, later resolved through negotiation. Companies mention scalability and adaptability to specific needs, yet express concerns about the cost in certain regions. On-premises deployment is considered costly by some users.

"As a Fortify partner company providing technical support, I find the product expensive in our country, where local, inexpensive products are available."
"The solution is priced fair."
"This is a costly solution that could be cheaper."

Popular Use Cases

Users primarily utilize Fortify Software Security Center for application security testing, securing application internals, and critical analysis. They aggregate DAS and SAS scan data, store and display Azure data, analyze scan results, and customize dashboards. They use it to scan applications and address bugs, utilizing its intuitive dashboard and connection with sensors and controllers for comprehensive data aggregation. Fortify primarily serves to identify code violations, enhance security, and provide detailed reports for companies prioritizing application security.

Service and Support

Fortify Software Security Center customer service and support receive mixed feedback. Many find responses slow and setup documentation unclear, making it challenging to follow. Some report improvement post-acquisition by OpenText, with increased support channels like forums and live chats. However, several still express dissatisfaction, highlighting the need for more responsive assistance. While some appreciate the professional services and direct support line, others rate the service quality low, mentioning unresolved tickets and reliance on direct contacts.

Deployment

Initial setup experiences with Fortify Software Security Center vary. Some users find it complex, particularly with integration and inadequate support, while others find the process straightforward, requiring one experienced person. Setup durations range from a few weeks to six months. Documentation is praised, although some report needing additional technical expertise due to prerequisites like Java JDK. Installation can take only a couple of hours, suggesting that setup complexity differs based on user expertise.

Scalability

Fortify Software Security Center is scalable, though it relies on adequate licenses. Users find it serves its purpose without hitting capacity. While some users find scaling simple by adding sensors and controllers, others encounter difficulties due to multiple components, rating scalability lower. It is primarily utilized by security teams, with limited extensions to developers. The typical user base varies, ranging from small teams to larger groups, and scaling experiences differ among organizations.

Stability

Fortify Software Security Center is deemed stable, with users expressing satisfaction in its performance. Many note its stability with scores ranging from seven to eight out of ten. It is utilized by prominent US banks and military institutions, highlighting its scalability and reliability. Users report no significant stability issues, though the implementation process is challenging. The stability has left users quite comfortable with its consistent operation.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Static Application Security Testing (SAST) Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	3
Midsize Enterprise	1
Large Enterprise	3

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	35
Midsize Enterprise	18
Large Enterprise	61

By visitors reading reviews

Top industries

By visitors reading reviews

Manufacturing Company

18%

Financial Services Firm

10%

Government

Computer Software Company

Media Company

Retailer

Comms Service Provider

Construction Company

Educational Organization

Performing Arts

Real Estate/Law Firm

University

Aerospace/Defense Firm

Venture Capital & Private Equity Firm

Transportation Company

Wellness & Fitness Company

Energy/Utilities Company

Insurance Company

Wholesaler/Distributor

Marketing Services Firm

Logistics Company

Recreational Facilities/Services Company

Non Profit

Outsourcing Company

Pharma/Biotech Company

Healthcare Company

Consumer Goods Company

Training & Coaching Company

Hospitality Company

Compare Fortify Software Security Center with alternative products

Learn more about Fortify Software Security Center

Fortify Software Security Center was previously known as Micro Focus Software Security Center, Application Security Center, HPE Application Security Center, WebInspect.

Fortify Software Security Center customers

Neosecure, Acxiom, Skandinavisk Data Center A/S, Parkeon

Product Categories

Static Application Security Testing (SAST)

Popular Comparisons

SonarQube vs Fortify Software Security Center

Snyk vs Fortify Software Security Center

GitLab vs Fortify Software Security Center

Checkmarx One vs Fortify Software Security Center

Coverity Static vs Fortify Software Security Center

OpenText Core Application Security vs Fortify Software Security Center

Acunetix vs Fortify Software Security Center

HCL AppScan vs Fortify Software Security Center

Semgrep vs Fortify Software Security Center

GitHub Code Scanning vs Fortify Software Security Center

Cycode vs Fortify Software Security Center

Appvance AIQ Platform vs Fortify Software Security Center

Checkmarx IaC Security / KICS vs Fortify Software Security Center

See all alternatives

Fortify Software Security Center Reviews Summary
Author info	Rating	Review Summary
Chief Innovation Officer at SAGGA	5.0	I've found Fortify's centralized analysis capabilities and integration with tools like GitLab invaluable, though it's pricey and support lacks. Despite some SAST limitations, it's a mature on-premises solution delivering solid ROI, especially for our clients in Ecuador.
Principal Technical Consultant at EOH	5.0	I use Fortify Software Security Center on-premises for its intuitive dashboard that aggregates DAS and SAS data. It enhances security by adhering to conventions like OWASP. However, I seek better dataset views and analysis features similar to SIM tools.
Sales Manager at Pbland	4.0	No summary available
Conformity Controller at STET	4.0	I work with Fortify Software Security Center, which effectively explains security issues and integrates into the CI/CD process for daily testing. However, I've experienced many false positives, likely due to using an outdated version.
General Manager at Inexion Co.	4.5	We use Fortify Software Security Center to scan and analyze data from Azure. It effectively identifies vulnerabilities, especially with the audit workbench and collaboration module. However, its overlap feature demands costly customization. We chose Fortify for its language support and strong engine.
Application Architect at a tech services company with 10,001+ employees	4.0	I use Fortify Software Security Center for application security testing. Its valuable feature is the ability to easily download and update rule packs. However, the setup process is quite challenging and could be improved for better user experience.
VP at a tech vendor with 5,001-10,000 employees	3.5	No summary available
Head Of Information Security at a tech services company with 51-200 employees	3.5	No summary available

Fortify Software Security Center Reviews

What is Fortify Software Security Center?

Featured Fortify Software Security Center reviews

Fortify Software Security Center mindshare

Valuable Features

Room for Improvement

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Fortify Software Security Center with alternative products

Learn more about Fortify Software Security Center

Fortify Software Security Center customers

Related questions

Product Categories

Popular Comparisons