Chrome DevTools is a set of authoring, debugging, and profiling tools built into Google Chrome.
N/A
Fortify by OpenText
Score 9.0 out of 10
N/A
An AppSec solution formerly from Micro Focus, spanning SCA, SAST and DAST that supports the breadth and management of any application portfolio, used to secure code. Features API discovery and testing for any application, throughout the software lifecycle.
Chrome DevTools are great for troubleshooting bugs, broken elements on pages, styling issues, responsiveness, identifying performance issues, third-party connections for data privacy, reviewing cookies and local storage, screenshots in different dimensions. Chrome DevTools are for technical users, so you do need to have a decent understanding of some basics like HTML and CSS to get started using them.
It is best suited for runtime application security scanning and very useful for automation. You can seemlessly integrate with pipeline for dynamic scans. Cloud based apps can also be scanned for vulnerabilities, cross site scripting attacks. Basically all OWASP TOP 10. It is less appropriate to use if you have serverless architecture
As one delves into DevTools, one encounters a gradually steeper learning curve. You can do a lot very quickly, but to fully utilize DevTools takes time as one explores what it can do.
With many new updates, tools and items are moved, and a comfortable workflow becomes a frustrating search. This often happens when following only slightly outdated tutorials on a given feature, even in Google's own documentation.
The experimental flags, settings, and options are scattered about and a little clunky to configure when one has to make changes in multiple places.
Since every firm needs to perform static code analysis on their applications, I believe Micro Focus Fortify WebInspect would work well for them (they also offer dynamic scanning, although I haven't used it myself). Different static analysis tools scan code in different ways, and Micro Focus Fortify WebInspect asks you to submit a complete build of the application along with debugging files. Depending on how your company builds its apps, this requirement may be simple or challenging.
While Chrome DevTools are very powerful, it's not the easiest thing to use, as there are so many different tools built in. It takes some exploring to discover all the options possible within DevTools, but with a little exploring, the DevTools become a very powerful asset. Accessing the basic HTML and CSS inspection is very easy though, and that's the most common usage for the DevTools.
It is a cloud-based platform which can provide us a very useful and unique features like Application Assessment, Scans, Vulnerability Test, Comprehensive Reporting, Monitoring, etc. Fortify by Open Text is also outstanding in various parameters for the support and integration and it is highly adaptable in various DevOps Program where you need secure app testing with all given features.
I'm not entirely sure what to rate the support for DevTools, because I don't have any experience dealing with official customer support for DevTools. I would guess the primary support for DevTools would be in a Chrome forum. Typically if I have a question or issue, I am able to find an answer from doing a quick Google search. It's pretty widely used, so it's not difficult to find answers.
I find them pretty much the same, they have the same tools except Firefox doesn't provide the lighthouse functionality. I do prefer firefox's dark theme and colour palette. But I use Chrome Dev tools because of the Light house functionality that analyzes the page load and scores the website on desktop and mobile experience.
Fortify Application Defender is a little more timely and upfront with a lot of their information on cyber security. we like what they provide and how they communicate with our users. I think they have a good understanding and practice in their field. they seem best suited for us and the best fit.
