We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this. Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan the dynamic codes, which is where we use WebInspect.
Customers use Fortify WebInspect to scan web applications and get results with recommendations. After running scans, customers often have questions and need my support or recommendations to understand how to fix the issues identified. This includes understanding what vulnerabilities were found and what they mean.
Senior Manager - IT Security & ISMS at Ericsson
Real User
Top 5
2023-04-25T11:17:08Z
Apr 25, 2023
This is a scanning tool. We carried out a POC with the aim of taking a proactive approach to scanning the applications and remediating the vulnerabilities in the development environment. We have 15-18 applications currently using Fortify. We'll be testing additional applications in the coming months.
Consulting Engineer at a consultancy with 11-50 employees
Real User
Top 10
2023-03-21T07:18:35Z
Mar 21, 2023
Most of the time, it is used to access the current state of a client's web application. Sometimes it's used to test in the test environment, and sometimes in the enterprise environment, for example, the published environment. It mainly scans and checks for critical vulnerabilities. It can also check the differences between the web application, between the crawled URLs. It's not the main functionality, however, it is possible to use it in that manner.
Information Security Architect at a real estate/law firm with 1,001-5,000 employees
Real User
2021-11-11T16:34:45Z
Nov 11, 2021
We use it for code scanning, security scanning, and finding vulnerabilities. I am using its latest version. I have Fortify code scan on the cloud and Fortify WebInspect on-premise for a dynamic scan. So, SAST is on the cloud, and DAST is on-premise.
Fortify WebInspect is an automated DAST solution that helps security professionals and QA testers uncover security vulnerabilities and configuration concerns by providing complete vulnerability detection. This is accomplished by mimicking real-world external security attacks on a live application in order to discover and prioritize concerns for root-cause study. Fortify WebInspect provides a number of REST APIs for easier integration, as well as the ability to be maintained via an intuitive...
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this. Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan the dynamic codes, which is where we use WebInspect.
Customers use Fortify WebInspect to scan web applications and get results with recommendations. After running scans, customers often have questions and need my support or recommendations to understand how to fix the issues identified. This includes understanding what vulnerabilities were found and what they mean.
My company sells Fortify WebInspect to our customers.
This is a scanning tool. We carried out a POC with the aim of taking a proactive approach to scanning the applications and remediating the vulnerabilities in the development environment. We have 15-18 applications currently using Fortify. We'll be testing additional applications in the coming months.
Most of the time, it is used to access the current state of a client's web application. Sometimes it's used to test in the test environment, and sometimes in the enterprise environment, for example, the published environment. It mainly scans and checks for critical vulnerabilities. It can also check the differences between the web application, between the crawled URLs. It's not the main functionality, however, it is possible to use it in that manner.
Fortify WebInspect can be deployed on the cloud or on-premise. Fortify WebInspect is used as a vulnerability scanner for applications.
We use this solution for security testing.
We use it for code scanning, security scanning, and finding vulnerabilities. I am using its latest version. I have Fortify code scan on the cloud and Fortify WebInspect on-premise for a dynamic scan. So, SAST is on the cloud, and DAST is on-premise.
We primarily use the solution for web applications and tests.
We primarily use the solution to test web applications regularly.
This is a security testing tool that is used by our security team and the QA team.
We use WebInspect for performance network application testing to be sure that we aren't creating any security issues.
I am using WebInspect for finding vulnerabilities.
We use WebInspect for dynamic application security testing, and integrating that into all our needs.
We primarily use the solution for dynamic application scanning.
We primarily use the application for web application scanning.