Try our new research platform with insights from 80,000+ expert users
Fortify Application Defender Logo

Fortify Application Defender pros and cons

Vendor: OpenText
3.9 out of 5
101 followers
Post review

Pros & Cons summary

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the category report

Prominent pros & cons

PROS

Fortify Application Defender effectively identifies security defects, enhancing overall application safety.
It improves code quality, ensuring organizations develop more robust software.
The real-time data analysis feature provides immediate insights into application performance and security concerns.
Its integration with WebInspect allows for dynamic application scanning and efficient rule automation.
The software composition analysis feature is particularly beneficial for .NET applications, helping to pinpoint and address library vulnerabilities.

CONS

Support for older compilers/IDEs is lacking.
Fortify Application Defender is quite expensive.
The time it takes to scan could be improved, as it can take hours compared to minutes in SonarQube.
Fortify Application Defender could benefit from supporting more code languages, such as GRAAS and Groovy.
Fortify Application Defender gives a lot of false positives, particularly for Python applications.
 

Fortify Application Defender Pros review quotes

TH
Sep 21, 2020
The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology.
VS
Apr 23, 2024
I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy.
DP
Mar 5, 2020
The most valuable feature is that it analyzes data in real-time.
Find out what your peers are saying about OpenText, Sonar, Checkmarx and others in Application Security Tools. Updated: December 2024.
824,053 professionals have used our research since 2012.
reviewer1142943 - PeerSpot reviewer
Jan 4, 2022
We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment.
HisaoOgata - PeerSpot reviewer
May 24, 2023
The product saves us cost and time.
Saroj-Patnaik - PeerSpot reviewer
Feb 13, 2023
Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications.
GM
Aug 22, 2019
The solution helped us to improve the code quality of our organization.
WW
Sep 7, 2021
The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions.
Abner Silva - PeerSpot reviewer
Apr 1, 2024
The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities.
BD
Apr 9, 2018
Its ability to find security defects is valuable.
 

Fortify Application Defender Cons review quotes

TH
Sep 21, 2020
The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java.
VS
Apr 23, 2024
The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time.
DP
Mar 5, 2020
The workbench is a little bit complex when you first start using it.
Find out what your peers are saying about OpenText, Sonar, Checkmarx and others in Application Security Tools. Updated: December 2024.
824,053 professionals have used our research since 2012.
reviewer1142943 - PeerSpot reviewer
Jan 4, 2022
The licensing can be a little complex.
HisaoOgata - PeerSpot reviewer
May 24, 2023
The false positive rate should be lower.
Saroj-Patnaik - PeerSpot reviewer
Feb 13, 2023
Fortify Application Defender gives a lot of false positives.
GM
Aug 22, 2019
The solution is quite expensive.
WW
Sep 7, 2021
The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours.
Abner Silva - PeerSpot reviewer
Apr 1, 2024
I encountered many false positives for Python applications.
BD
Apr 9, 2018
Support for older compilers/IDEs is lacking.