Try our new research platform with insights from 80,000+ expert users

FortiDevSec vs Fortify on Demand comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

No sentiment score available
No sentiment score available
Fortify on Demand's customer service is valued for excellence, but technical support responsiveness and coordination can sometimes falter.
 

Room For Improvement

No sentiment score available
Sentiment score
5.4
Fortify on Demand needs better reporting, faster scans, expanded language support, streamlined UI, CI/CD integration, and improved customer support.
 

Scalability Issues

No sentiment score available
Sentiment score
8.2
Fortify on Demand is highly scalable, flexible, and suitable for enterprises, despite occasional pricing and scan limitations.
 

Setup Cost

No sentiment score available
No sentiment score available
Enterprise users report mixed pricing perceptions of Fortify on Demand, citing high cost but valuable features and scalability.
 

Stability Issues

No sentiment score available
Sentiment score
8.9
Fortify on Demand is stable and reliable, with minor issues, generally meeting user expectations with high stability scores.
 

Valuable Features

No sentiment score available
Sentiment score
8.5
Fortify on Demand enhances security and efficiency with code scanning, CI/CD integration, real-time dashboards, and detailed reporting.
 

Categories and Ranking

FortiDevSec
Ranking in Static Application Security Testing (SAST)
25th
Average Rating
9.0
Reviews Sentiment
7.5
Number of Reviews
1
Ranking in other categories
Vulnerability Management (35th)
Fortify on Demand
Ranking in Static Application Security Testing (SAST)
8th
Average Rating
8.0
Reviews Sentiment
7.8
Number of Reviews
59
Ranking in other categories
Application Security Tools (9th)
 

Mindshare comparison

As of November 2024, in the Static Application Security Testing (SAST) category, the mindshare of FortiDevSec is 0.2%, up from 0.1% compared to the previous year. The mindshare of Fortify on Demand is 5.3%, up from 4.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
 

Featured Reviews

Mohammed Jaffir - PeerSpot reviewer
Scans codes in CI/CD pipelines and identifies vulnerabilities
In a customer environment, developers integrate their code with CI/CD pipelines. Most developers use cloud platforms like AWS or Azure and project management tools. FortiDevSec integrates with these CI/CD pipelines using agents such as YAML files. Once integrated, FortiDevSec scans the source code using our product or within the IDE. The most valuable feature is the ability to identify known vulnerabilities in applications by generating reports easily. This development gamification is very useful for developers. Compared to TechSmart and Fortify, FortiDevSec has similar features, but it is much easier to use because of its simple setup. SysTrack, for example, is not very simple. For the CI/CD pipeline, we only need to integrate a YAML file into the security process. Compared to other products, the tool requires fewer steps. We must integrate one file with the CI/CD pipeline, automatically pulling the code report to the repository. Using our API and username, it is easy to scan the environment. The tool's integration is also easy.
Jonathan Steyn - PeerSpot reviewer
Source code analyzer, FPR file generation, reduction of false positives and generates compliance reports, for in-depth analysis
Not challenges with the product itself. The product is very reliable. It does have a steep learning curve. But, again, one thing that Fortify or OpenText does very well is training. There are a lot of free resources and training in the community forums, free training as well as commercial training where users can train on how to use the back-end systems and the scanning engines and how to use command-line arguments because some of the procedures or some of the tools do require a bit of a learning curve. That's the only challenge I've really seen for customers because you have to learn how to use the tool effectively. But Fortify has, in fact, improved its user interface and the way users engage the dashboards and the interfaces. It is intuitive. It's easy to understand. But in some regards, the cybersecurity specialist or AppSec would need a bit of training to engage the user interface and to understand how it functions. But from the point of the reliability index and how powerful the tool is, there's no challenge there. But it's just from a learning perspective; users might need a bit more skill to use the tool. The user interface isn't that tedious. It's not that difficult to understand. When I initially learned how to use the interfaces, I was able to master it within a week and was able to use it quite effectively. So training is required. All skills are needed to learn how to use the tool. I would like to see more enhancements in the dashboards. Dashboards are available. They do need some configuration and settings. But I would like to see more business intelligence capabilities within the tool. It's not particularly a cybersecurity function, but, for instance, business impact analysis or other features where you can actually use business intelligence capabilities within your security tool. That would be remarkable because not only do you have a cybersecurity tool, but you also have a tool that can give you business impact analysis and some other measurements. A bit more intelligence in terms of that from a cybersecurity perspective would be remarkable.
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
816,636 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Construction Company
13%
Financial Services Firm
10%
Insurance Company
8%
Financial Services Firm
20%
Manufacturing Company
14%
Computer Software Company
13%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What needs improvement with FortiDevSec?
The only drawback I see with FortiDevSec is the lack of extensions.
What advice do you have for others considering FortiDevSec?
We have implemented FortiDevSec for one customer for a year. It has been implemented successfully, and we haven't received any complaints from them. Since it's been used by only one customer, if we...
What do you like most about Micro Focus Fortify on Demand?
It helps deploy and track changes easily as per time-to-time market upgrades.
What is your experience regarding pricing and costs for Micro Focus Fortify on Demand?
In comparison with other tools, they're competitive. It is not more expensive than other solutions, but their pricing is competitive. The licenses for Fortify On Demand are generally bought in unit...
What needs improvement with Micro Focus Fortify on Demand?
Not challenges with the product itself. The product is very reliable. It does have a steep learning curve. But, again, one thing that Fortify or OpenText does very well is training. There are a lot...
 

Also Known As

No data available
Micro Focus Fortify on Demand
 

Learn More

 

Overview

 

Sample Customers

Information Not Available
SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: November 2024.
816,636 professionals have used our research since 2012.