2018-08-14T07:42:00Z

What is your primary use case for Micro Focus Fortify on Demand?

Julia Miller - PeerSpot reviewer
  • 0
  • 63
PeerSpot user
36

36 Answers

AM
Real User
Top 5
2023-10-31T10:42:24Z
Oct 31, 2023

We use it to scan the bank's applications systematically. This process aims to identify and address security vulnerabilities within the applications, ensuring the robustness of our security measures.

Search for a product comparison
Angelo Quaglia - PeerSpot reviewer
Real User
Top 10
2023-08-11T11:25:34Z
Aug 11, 2023

We use the solution to scan our software. We scan it at every build. We run the scans and read the reports.

Thomas Boltze - PeerSpot reviewer
Real User
Top 5
2023-05-11T11:17:05Z
May 11, 2023

We use Fortify on Demand to look at dependency vulnerabilities and vulnerabilities in the source code. We are customers of Micro Focus.

Jaime Baracaldo - PeerSpot reviewer
Real User
Top 10
2023-04-13T19:54:53Z
Apr 13, 2023

We use this solution for our web applications.

NT
Real User
Top 20
2023-02-22T08:48:41Z
Feb 22, 2023

The solution is used for web application listing, like, SaaS.

ShubhamJoshi - PeerSpot reviewer
Real User
Top 20
2022-09-30T09:39:58Z
Sep 30, 2022

Our use case of Fortify is for the more than 200 applications that we need to certify as a security team. We certify them for all possible vulnerabilities using Micro Focus to check codes for vulnerabilities and then deploying to a reproduction environment. Once all the vulnerabilities are fixed, we can proceed to production. So we're using it as a kind of DevSecOps model. We are customers of Micro Focus.

Find out what your peers are saying about OpenText, Sonar, Checkmarx and others in Application Security Tools. Updated: March 2024.
765,386 professionals have used our research since 2012.
Kangkan Goswami - PeerSpot reviewer
Real User
Top 5
2022-09-21T10:41:38Z
Sep 21, 2022

I mainly use Fortify on Demand for static scanning.

Alejandro Merida - PeerSpot reviewer
MSP
Top 10
2022-09-20T09:00:35Z
Sep 20, 2022

I am using Micro Focus Fortify on Demand for SAT analogies and data analysis.

AM
Real User
Top 20
2022-07-18T07:43:14Z
Jul 18, 2022

Fortify on Demand is primarily used in DevSecOps in a banking environment.

Vishal Karanjkar - PeerSpot reviewer
Real User
Top 5
2022-07-06T09:06:25Z
Jul 6, 2022

Micro Focus Fortify on Demand can be deployed on-premise or in the cloud. We are mainly using Micro Focus Fortify on Demand for security.

S S RAMA KRISHNA MURTHY  SURI - PeerSpot reviewer
MSP
Top 5
2022-06-16T11:35:00Z
Jun 16, 2022

Fortify is used for static scans — cold-scanning.

Yash Brahmani - PeerSpot reviewer
Real User
Top 20
2022-05-16T12:58:27Z
May 16, 2022

We are the central team that manages Fortify end-to-end and provides it as a solution to internal users. We are using SonarQube for code review, but we use Fortify and Nexus IQ for DevOps.

Prasenjit Roy - PeerSpot reviewer
Real User
Top 5Leaderboard
2022-04-28T16:10:00Z
Apr 28, 2022

We use it as the source for code review for static code analysis.

Harkamal-Singh - PeerSpot reviewer
Real User
Top 5
2022-03-31T20:52:59Z
Mar 31, 2022

Micro Focus Fortify on Demand is used for detecting vulnerabilities in code, looking at libraries, and finding where there are vulnerabilities within unpatched code.

LM
Real User
2021-03-24T06:34:27Z
Mar 24, 2021

Our clients use it for scanning their applications and evaluating their application security. It is mostly for getting the application security results in, and then they push the vulnerabilities to their development team on an issue tracker such as Jira. I usually have the latest version unless I need to support something on an older version for a client. We're not really deploying any of these solutions except for kind of testing and replicating the situations that our clients get into.

RB
Real User
2022-01-28T17:29:40Z
Jan 28, 2022

I use it for SAST, security analysis static code.

BS
Real User
2022-01-04T21:41:00Z
Jan 4, 2022

We are using Micro Focus Fortify on Demand because in the beginning we were using the on-premise version and it was very limited. We thought we could do everything wanted with the on-premise solution. However, it was not easy to use. We are testing the Micro Focus Fortify on Demand solution to improve security. We are using the on-premise version of this solution for the static code for developers. For the dynamic code, we're using Micro Focus Fortify on Demand.

Jayashree Acharyya - PeerSpot reviewer
Real User
Top 10
2021-09-08T21:04:13Z
Sep 8, 2021

Whenever we have a new application we scan it using Micro Focus Fortify on Demand. We then receive a service connection from Azure DevOps to Micro Focus Fortify on Demand and the information from the application tested. We are using Micro Focus Fortify on Demand in two ways in most of our processes. We are either using it from our DevOps pipeline using Azure DevOps or the teams which are not yet onboarded in Azure DevOps, are running it manually by putting in the code then sending it to the security team where they will scan it. We use two solutions for our application testing. We use SonarQube for next-level unit testing and code quality and Micro Focus Fortify on Demand mostly for vulnerabilities and security concerns.

SS
Real User
2021-08-06T18:53:57Z
Aug 6, 2021

We are using it for application security testing. We have microservices and applications within the organization, and the testing is being done on a continuous basis right through the development cycle or the development chain. We are using its latest version. It is deployed on the cloud and on-premises.

RK
Real User
2021-07-10T18:50:15Z
Jul 10, 2021

We have an application sending service that we are providing to our customers and we are using Micro Focus Fortify on Demand to ensure our applications are secure.

DG
Real User
2021-05-08T09:55:10Z
May 8, 2021

We use it for normal, daily source code reviews and code analysis.

FC
Real User
2021-01-28T11:51:51Z
Jan 28, 2021

We're implementing DevSecOps in Fortify only a part of the big picture. We are implementing the entire secure development lifecycle.

DV
Real User
2020-12-16T07:23:00Z
Dec 16, 2020

We create technology solutions for clients and on one project we were requested to use Fortify on Demand after the client had read a good report about it. They sent us the report and recommended its use. In this case, we were using Java to program the client's solution and so we used Fortify on Demand alongside our Java development operations, for the purpose of improving the application's security. The work we were doing for the client involved creating a billing system that they would use to manage payments and taxes for other companies in Chile. We've only used Fortify on Demand for this one client so far. Because Fortify on Demand was so new to us, we decided to go with the trial version first and figure out the costing at a later stage.

RC
Real User
2020-12-06T06:23:06Z
Dec 6, 2020

All in-house developed code or a third-party developed code on our behalf is scanned via Fortify on Demand. Any results for unsecure code, vulnerabilities, or issues are passed back to the development teams for remediation.

OO
Real User
2020-11-30T16:58:55Z
Nov 30, 2020

We use Micro Focus Fortify on Demand to access web applications and more.

it_user1345719 - PeerSpot reviewer
Real User
2020-10-30T08:22:22Z
Oct 30, 2020

We use it for statistical analysis for Java applications that are used in the collection process of a bank. It is also used for an internal web page. The tellers use this web page in the branches to make money transactions, such as withdrawals, deposits, etc.

MJ
Real User
2020-10-07T07:04:39Z
Oct 7, 2020

We are architecting applications for e-commerce websites similar to Amazon. Everything is running on the cloud, and Micro Focus Fortify on Demand is totally integrated with our solution at this point in time.

JP
Real User
2020-08-23T08:17:00Z
Aug 23, 2020

We use Micro Focus Fortify on Demand to check the vulnerabilities of developments that we perform.

BK
Real User
2020-01-12T12:03:00Z
Jan 12, 2020

I have been using this solution to gain some perspective from different architectures for the security team. I do not use it every day. I do have an overview and it is integrated with our development platform. I do work for our governance team, so whenever a project is coming I will review products. I need to connect with the project managers for testing them, and these tests include the vulnerability assessment along with other security efforts. One of the things that I suggest is using Micro Focus Fortify on Demand. The primary use case is core scanning for different vulnerabilities, based on standards. It beings with an architect who designs a model on a security-risk advisor platform. Then you have an idea of what the obstacles are. Once the code is scanned according to standards, you figure out where the gaps are. The team then suggests what needs to be done to the code to fix the vulnerabilities. The process repeats after the code is fixed until all of the vulnerabilities have been eliminated. When you take all of these things together, it is Security by design.

PR
Real User
2020-01-12T12:02:00Z
Jan 12, 2020

We are using Fortify on Demand as a static code analyzer. As it scans each application, it checks each line of code. When we are developing mobile applications there might be some kind of security vulnerability. One example is a check to see if information that is being transferred is not encrypted because this would be vulnerable to hackers who are trying to break into the system. We also look at whether were are using the network transport layer security. Our overall goal at this time is to protect our mobile app because it is one of the ways that hackers can break into the system.

CU
Reseller
2020-01-07T06:27:00Z
Jan 7, 2020

We recommend this product to our customers. We act as vendors and resellers. This is actually one of the solutions we often recommend to our customers most often. Usually, this is the best choice for banking and financial institutions. It is deployed by their development team in-house. They use it to manage and test product lifecycles.

IL
Real User
2019-06-11T11:10:00Z
Jun 11, 2019

Our primary use case for this solution is static code analysis.

JE
Real User
2019-05-15T05:16:00Z
May 15, 2019

We use Fortify on Demand to test our e-commerce website. We do static codes testing before it goes live.

it_user625875 - PeerSpot reviewer
Real User
2018-10-28T09:33:00Z
Oct 28, 2018

My primary use case is to help the teams in development. It helps us scan.

NB
Vendor
2018-08-16T08:28:00Z
Aug 16, 2018

We previously used it for static and dynamic scans, but now we use it only for dynamic scans. We have close to 85 products in-house, so we run a lot of scans.

JM
Real User
2018-08-14T07:42:00Z
Aug 14, 2018

We use it for externally exposed applications that we want to scan before releasing them to production. As you can imagine, it's important to make sure they're secure and that we will not be exposed. For internal apps, we use other static code scanning, primarily SonarQube. But Fortify on Demand is for externally exposed applications.

Application Security Tools
Application security is a significant challenge for software engineers, as well as for security and DevOps professionals. It comprises the measures taken to improve the security of online services and websites against malicious attacks by finding, repairing, and preventing security weaknesses and vulnerabilities.
Download Application Security Tools ReportRead more

Related Q&As