Fortify by OpenText vs. Qualys VMDR

Fortify by OpenText

Qualys VMDR

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Fortify by OpenText	Score 9.0 out of 10	N/A	An AppSec solution formerly from Micro Focus, spanning SCA, SAST and DAST that supports the breadth and management of any application portfolio, used to secure code. Features API discovery and testing for any application, throughout the software lifecycle.	N/A
Qualys VMDR	Score 9.1 out of 10	N/A	Qualys VMDR 2.0 with TruRisk gives enterprises visibility and insight into cyber risk exposure with the goal of making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure its true risk, and track risk reduction over time.	N/A

Pricing

Fortify by OpenText

Qualys VMDR

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
Fortify by OpenText	Qualys VMDR
Free Trial
No	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Features

Fortify by OpenText

Qualys VMDR

Threat Intelligence

Comparison of Threat Intelligence features of Product A and Product B
	Fortify by OpenText - Ratings	Qualys VMDR 8.4 7 Ratings 4% above category average
Network Analytics	00 Ratings	7.57 Ratings
Threat Recognition	00 Ratings	8.07 Ratings
Vulnerability Classification	00 Ratings	9.57 Ratings
Automated Alerts and Reporting	00 Ratings	9.07 Ratings
Threat Analysis	00 Ratings	8.57 Ratings
Threat Intelligence Reporting	00 Ratings	8.07 Ratings
Automated Threat Identification	00 Ratings	8.07 Ratings

Vulnerability Management Tools

Comparison of Vulnerability Management Tools features of Product A and Product B
	Fortify by OpenText - Ratings	Qualys VMDR 8.8 7 Ratings 6% above category average
IT Asset Realization	00 Ratings	9.07 Ratings
Authentication	00 Ratings	8.57 Ratings
Configuration Monitoring	00 Ratings	9.07 Ratings
Web Scanning	00 Ratings	8.56 Ratings
Vulnerability Intelligence	00 Ratings	9.07 Ratings

Best Alternatives
	Fortify by OpenText	Qualys VMDR
Small Businesses	GitLab Score 8.7 out of 10	Action1 Score 9.5 out of 10
Medium-sized Companies	Veracode Score 8.8 out of 10	Action1 Score 9.5 out of 10
Enterprises	Veracode Score 8.8 out of 10	CrowdStrike Falcon Score 9.1 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	Fortify by OpenText	Qualys VMDR
Likelihood to Recommend	9.0 (6 ratings)	9.5 (7 ratings)
Likelihood to Renew	10.0 (1 ratings)	10.0 (1 ratings)
Usability	7.0 (1 ratings)	8.5 (2 ratings)
Availability	- (0 ratings)	10.0 (1 ratings)
Performance	- (0 ratings)	9.0 (1 ratings)
Support Rating	10.0 (1 ratings)	8.0 (2 ratings)
Implementation Rating	- (0 ratings)	9.0 (1 ratings)
Configurability	- (0 ratings)	9.0 (1 ratings)
Contract Terms and Pricing Model	- (0 ratings)	9.0 (1 ratings)
Ease of integration	- (0 ratings)	9.0 (1 ratings)
Product Scalability	- (0 ratings)	9.0 (1 ratings)
Vendor post-sale	- (0 ratings)	8.0 (1 ratings)
Vendor pre-sale	- (0 ratings)	8.0 (1 ratings)

User Testimonials
	Fortify by OpenText	Qualys VMDR
Likelihood to Recommend	OpenText It is best suited for runtime application security scanning and very useful for automation. You can seemlessly integrate with pipeline for dynamic scans. Cloud based apps can also be scanned for vulnerabilities, cross site scripting attacks. Basically all OWASP TOP 10. It is less appropriate to use if you have serverless architecture Incentivized Verified User Anonymous Read full review	Qualys Qualys VMDR is best suited for larger companies with a very large IT asset footprint. Qualys VMDR is not suited for businesses that are small and upcoming as the price for the tool is very expensive and could be a budget sink if not used properly. In our organization we use the Qualys VMDR dashboard and reporting in order to collect any vulnerabilities we miss during our routine audits to ensure that our environment is stable and protected for attacks. Incentivized Verified User Anonymous Read full review
Pros	OpenText DAST Scanning API Scanning Less detection of false positive Incentivized Zishan Ali Dakhani Employee Read full review	Qualys Seamless reporting across the different widgets (i.e. TruRisk) DEEP-DIVE into an asset's info/vulns Baked-in PCI ASV scans that a Qualys QSA can approve Incentivized Verified User Anonymous Read full review
Cons	OpenText Reporting could be better Can be an involved setup if your organization is not using common build tools Users get spammed with a lot of email updates from the service Incentivized Verified User Anonymous Read full review	Qualys Qualys VMDR can definitely improve on its reporting of assets as we have caught devices not captured in the Qualys VMDR scans. We would like to see an improvement on the dashboard interface as it is faulty sometimes. Qualys VMDR should focus on more competitive pricing as it is very expensive. Incentivized Verified User Anonymous Read full review
Likelihood to Renew	OpenText Since every firm needs to perform static code analysis on their applications, I believe Micro Focus Fortify WebInspect would work well for them (they also offer dynamic scanning, although I haven't used it myself). Different static analysis tools scan code in different ways, and Micro Focus Fortify WebInspect asks you to submit a complete build of the application along with debugging files. Depending on how your company builds its apps, this requirement may be simple or challenging. Incentivized Zishan Ali Dakhani Employee Read full review	Qualys Next to Veeam (which is a tremendous product for backup/DR) this is the best service/software I have used in the past three decades. Should be called the Swiss Army Knife of security. Incentivized Verified User Anonymous Read full review
Usability	OpenText It is a cloud-based platform which can provide us a very useful and unique features like Application Assessment, Scans, Vulnerability Test, Comprehensive Reporting, Monitoring, etc. Fortify by Open Text is also outstanding in various parameters for the support and integration and it is highly adaptable in various DevOps Program where you need secure app testing with all given features. Incentivized Ankitkumar Mistry Product Consultant Read full review	Qualys infrastructure to identify vulnerabilities Mallayasamy kamatchiappan Infra cloud services Read full review
Reliability and Availability	OpenText No answers on this topic	Qualys Always available with the exception on maint windows Incentivized Verified User Anonymous Read full review
Performance	OpenText No answers on this topic	Qualys Once in a while it would be slow - Incentivized Verified User Anonymous Read full review
Support Rating	OpenText Always receive excellent support from the vendor. No issues there. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review	Qualys This is iron but I am giving it 5 star and I can give more If I can do because they are best in support. So once you own this product they will assign a dedicated support for you and when you are under the weather with anything just connect them with anything call, ping or ticket they will come like Genie. Varun Khare Senior Analyst Read full review
Implementation Rating	OpenText No answers on this topic	Qualys Not really - the integrations via connectors is not heavy lifting. Any complexity has to do with a service that requires more steps (i.e. AWS/GCP) Incentivized Verified User Anonymous Read full review
Alternatives Considered	OpenText Fortify Application Defender is a little more timely and upfront with a lot of their information on cyber security. we like what they provide and how they communicate with our users. I think they have a good understanding and practice in their field. they seem best suited for us and the best fit. Incentivized Verified User Anonymous Read full review	Qualys It is a very similar tool but Qualys VMDR is much better when it comes to reporting and solutions provided. Asset management is really good in Qualys VMDR. Qualys VMDR support is really quick , you can get a TPM if you run into any issues. Qualys VMDR has wide variety of scanning options which lacks in tenable. Incentivized Verified User Anonymous Read full review
Contract Terms and Pricing Model	OpenText No answers on this topic	Qualys MOSTLY good - but as noted having all features purchased on portal only - nothing that is not purchased. Incentivized Verified User Anonymous Read full review
Scalability	OpenText No answers on this topic	Qualys Outside some pretty arcane apps or OS this is painless. The problem - and self-inflicted - is that older stuff is not supported. Incentivized Verified User Anonymous Read full review
Return on Investment	OpenText DevSecOps helped in reducing efforts License cost was less We could roll out double the count of applications with implementation of WebInspect Incentivized Verified User Anonymous Read full review	Qualys Cut down on manual efforts to investigate or remediate vulnerabilities, which can be a big driver of ROI Avoidance of potential incidents with upfront risk mitigation Patching efficiency gains Incentivized Verified User Anonymous Read full review
ScreenShots