We performed a comparison between Fortify on Demand and Polyspace Code Prover based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The SAST feature is the most valuable."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"Provides good depth of scanning and we get good results."
"The most valuable features are the detailed reporting and the ability to set up deep scanning of the software, both of which are in the same place."
"The most valuable features are the server, scanning, and it has helped identify issues with the security analysis."
"What stands out to me is the user-friendliness of each feature."
"We have the option to test applications with or without credentials."
"Audit workbench: for on-the-fly defect auditing."
"The product detects memory corruptions."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"Polyspace Code Prover is a very user-friendly tool."
"The outputs are very reliable."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"Takes up a lot of resources which can slow things down."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues."
"They have very good support, but there is always room for improvement."
"They could provide features for artificial intelligence similar to other vendors."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"The tool has some stability issues."
"Automation could be a challenge."
"I'd like the data to be taken from any format."
"Using Code Prover on large applications crashes sometimes."
"One of the main disadvantages is the time it takes to initiate the first run."
Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews while Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews. Fortify on Demand is rated 8.0, while Polyspace Code Prover is rated 7.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Polyspace Code Prover is most compared with SonarQube, Coverity, Klocwork, CodeSonar and Semmle QL. See our Fortify on Demand vs. Polyspace Code Prover report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.