Findbugs vs. Fortify by OpenText

Findbugs

Findbugs

1 Reviews and Ratings

Fortify by OpenText

Fortify by OpenText

22 Reviews and Ratings

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Findbugs	Score 7.0 out of 10	N/A	FindBugs is an open source program which uses static analysis to look for bugs in Java code. It is free software, distributed under the terms of the Lesser GNU Public License, and was developed (and its brand is trademarked by) the University of Maryland.	N/A
Fortify by OpenText	Score 9.2 out of 10	N/A	An AppSec solution formerly from Micro Focus, spanning SCA, SAST and DAST that supports the breadth and management of any application portfolio, used to secure code. Features API discovery and testing for any application, throughout the software lifecycle.	N/A

Pricing

Findbugs

Fortify by OpenText

Editions & Modules

No answers on this topic

No answers on this topic

Offerings

Pricing Offerings
Findbugs	Fortify by OpenText
Free Trial
No	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

No setup fee

Additional Details

—

—

More Pricing Information

Best Alternatives
	Findbugs	Fortify by OpenText
Small Businesses	PyCharm Score 9.0 out of 10	GitLab Score 8.6 out of 10
Medium-sized Companies	PyCharm Score 9.0 out of 10	Veracode Score 9.2 out of 10
Enterprises	PyCharm Score 9.0 out of 10	Veracode Score 9.2 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	Findbugs	Fortify by OpenText
Likelihood to Recommend	7.0 (1 ratings)	9.1 (6 ratings)
Likelihood to Renew	- (0 ratings)	10.0 (1 ratings)
Usability	- (0 ratings)	7.0 (1 ratings)
Support Rating	- (0 ratings)	10.0 (1 ratings)

User Testimonials
	Findbugs	Fortify by OpenText
Likelihood to Recommend	Open Source Findbugs is best suited even when you want to adapt to certain coding conventions and discover possible bugs beforehand and it's best suited for the java open source. whether you are a developer or a DevOps engineer you can even use it as a plugin in your Jenkins pipeline or any other build automation server and your developer tool such as visual studio as well. Incentivized Arush Soel Associate Staff Engineer Read full review	OpenText It is best suited for runtime application security scanning and very useful for automation. You can seemlessly integrate with pipeline for dynamic scans. Cloud based apps can also be scanned for vulnerabilities, cross site scripting attacks. Basically all OWASP TOP 10. It is less appropriate to use if you have serverless architecture Incentivized Verified User Anonymous Read full review
Pros	Open Source Scan the code for existing bugs present It can detect an vulnerabilities and also show possible bad warnings Can help identify errors in advance to avoid code crash post deployment Incentivized Arush Soel Associate Staff Engineer Read full review	OpenText DAST Scanning API Scanning Less detection of false positive Incentivized Zishan Ali Dakhani Employee Read full review
Cons	Open Source It’s documentation is not always up to date Difficulty in finding a prper solution when an issue arises during its configuration has limited features Incentivized Arush Soel Associate Staff Engineer Read full review	OpenText Reporting could be better Can be an involved setup if your organization is not using common build tools Users get spammed with a lot of email updates from the service Incentivized Verified User Anonymous Read full review
Likelihood to Renew	Open Source No answers on this topic	OpenText Since every firm needs to perform static code analysis on their applications, I believe Micro Focus Fortify WebInspect would work well for them (they also offer dynamic scanning, although I haven't used it myself). Different static analysis tools scan code in different ways, and Micro Focus Fortify WebInspect asks you to submit a complete build of the application along with debugging files. Depending on how your company builds its apps, this requirement may be simple or challenging. Incentivized Zishan Ali Dakhani Employee Read full review
Usability	Open Source No answers on this topic	OpenText It is a cloud-based platform which can provide us a very useful and unique features like Application Assessment, Scans, Vulnerability Test, Comprehensive Reporting, Monitoring, etc. Fortify by Open Text is also outstanding in various parameters for the support and integration and it is highly adaptable in various DevOps Program where you need secure app testing with all given features. Incentivized Ankitkumar Mistry Product Consultant Read full review
Support Rating	Open Source No answers on this topic	OpenText Always receive excellent support from the vendor. No issues there. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review
Alternatives Considered	Open Source Sonar cloud has its own cloud where all the code vulnerabilities are collected and stored as a whole whereas its a plugin that is used in a code itself but the cons is that SonarCloud needs a license if you want to use it privately and also requires personal access token authentication if used with an external service Incentivized Arush Soel Associate Staff Engineer Read full review	OpenText Fortify Application Defender is a little more timely and upfront with a lot of their information on cyber security. we like what they provide and how they communicate with our users. I think they have a good understanding and practice in their field. they seem best suited for us and the best fit. Incentivized Verified User Anonymous Read full review
Return on Investment	Open Source Its being used overall by most of the teams Some of the teams migrating to another testing tool as it has limited features Still recommend as its open source and beginners friendly Incentivized Arush Soel Associate Staff Engineer Read full review	OpenText DevSecOps helped in reducing efforts License cost was less We could roll out double the count of applications with implementation of WebInspect Incentivized Verified User Anonymous Read full review
ScreenShots