Badges
35 Points
7 Years
User Activity
Over 4 years ago
I believe the reviewer or the forum organizer has posted this review in the wrong area, or confused Fortify's WebInspect product (DAST) with their Static Code Analyzer ("Fortify SCA") product (SCA)
+++++++++
Fortify general:…
Over 5 years ago
Answered a question: Why Do I Need Application Security Software?
Acquiring the tools is not the goal, it is to operate an Application Security program. Remember that you need People-Technology-and-Processes, not simply some cool technology tool, even if that modern tech is now much faster and clearer than ever before. An AppSec program…
About 6 years ago
Fortify does not offer a cloud version of WebInspect that the user can drive or configure directly
The closest they have to WebInspect in a cloud format is the Fortify On Demand SaaS ("FOD"), and truthfully that is more "DAST or AppSec As A Service". In FOD, the customer…
About 6 years ago
Answered a question: Checkmarx vs SonarQube: How Do I Choose?
SonarQube likely should be removed from your site's AppSec category. Read the other comments to understand why. It's a good tool, but this is not its category.
Over 6 years ago
Answered a question: What Application Security Solution Do You Use That Is DevOps Friendly?
[Full disclosure - I work for Fortify Software]
Fortify SCA (Static Code Analyzer) can support your DevOps system in a variety of ways, so the choices are all yours, which can make this tough. I just wanted to share some of our On-premise and On-line options below to get…
Answers
Over 6 years ago
Static Application Security Testing (SAST)
Comments
Over 4 years ago
Dynamic Application Security Testing (DAST)
About 6 years ago
Dynamic Application Security Testing (DAST)
About me
I joined this forum to help correct some blatantly bad info about the software i support, but I am blocked from noting these. For instance, one EOL product used for DAST was being compared to an Open Source management suite, so WTF? Also, I could correct the public URLs to help the readers find more relevant data. Ah well....