We performed a comparison between Fortify on Demand and Fortify Software Security Center based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The installation was easy."
"It helps deploy and track changes easily as per time-to-time market upgrades."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed."
"What stands out to me is the user-friendliness of each feature."
"The solution is user-friendly."
"The licensing was good."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"This is a stable solution at the end of the day."
"You can easily download the tool's rule packs and update them."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers."
"They have very good support, but there is always room for improvement."
"The products must provide better integration with build tools."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"We are having issues with false positives that need to be resolved."
"Fortify Software Security Center's setup is really painful."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
More Fortify Software Security Center Pricing and Cost Advice →
Fortify on Demand is ranked 9th in Static Application Security Testing (SAST) with 56 reviews while Fortify Software Security Center is ranked 27th in Static Application Security Testing (SAST) with 3 reviews. Fortify on Demand is rated 8.0, while Fortify Software Security Center is rated 7.4. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Sonatype Lifecycle, whereas Fortify Software Security Center is most compared with Tricentis Tosca, Checkmarx One and Fortify WebInspect. See our Fortify Software Security Center vs. Fortify on Demand report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.