Good reporting and dashboards, but technical support needs to respond more quickly
Pros and Cons
"The reporting is very useful because you can always view an entire list of the issues that you have."
"We are having issues with false positives that need to be resolved."
What is our primary use case?
We use this solution purely for critical analysis.
What is most valuable?
The reporting is very useful because you can always view an entire list of the issues that you have.
The importing of the reports into the dashboard is helpful.
What needs improvement?
The integrability of this solution can be improved. Integration with other tools such as Jira is needed.
We are having issues with false positives that need to be resolved.
Being able to save reports in different formats would be helpful because they could be imported into other tools or repositories.
Technical support should respond more quickly to requests and inquiries.
In the next release, I would like to see a more streamlined output that is easy to manage. They do have a dashboard now, but it can be improved by making it simpler.
For how long have I used the solution?
I have been working with Micro Focus Software Security Center for seven years.
What do I think about the stability of the solution?
This stability is good and I'm quite comfortable with it.
What do I think about the scalability of the solution?
Scaling this product is easy as long as you have enough licenses. Until now, I haven't faced any major issues. We are not using the product to its capacity and it's still serving its purpose.
We have only a very limited number of users because it is only our security team that is using it, and we are not extending it to the developers. It is an IT manager and the team leads who are using it.
How are customer service and technical support?
I have been in contact with technical support on a number of occasions, including a couple of meetings to discuss issues that we were having. We have been interacting with them.
My understanding from colleagues and friends in other companies is that nowadays, the service and support is not that great. I think that it used to be good, but now the responses are very slow.
Which solution did I use previously and why did I switch?
The solution that we used prior to this one was developed internally, and we have not used other commercial tools. I have seen Rapid7 solutions, but have not used them to a great extent.
How was the initial setup?
The initial setup is straightforward with no major problems.
Which other solutions did I evaluate?
We evaluated a couple of other options including Checkmarx and Veracode. We also looked at a solution to help collect and collate all of the logs and reports from different tools.
I do think that in terms of coverage, Micro Focus Fortify has an edge over this tool.
What other advice do I have?
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
Disclosure: I am a real user, and this review is based on my own experience and opinions.