Fortify by OpenText vs. Tanium

It is best suited for runtime application security scanning and very useful for automation. You can seemlessly integrate with pipeline for dynamic scans. Cloud based apps can also be scanned for vulnerabilities, cross site scripting attacks. Basically all OWASP TOP 10. It is less appropriate to use if you have serverless architecture

Incentivized

Tanium is well suited for organizations where enterprise infrastructure has great significance and needs to be properly managed as well as protected. Most organizations depend upon their infrastructure to sustain so Tanium can be a boon for them to sustain in this competitive market. However, Tanium is less appropriate for the traditional offices that don't have or have a less online presence.

Incentivized

• DAST Scanning
• API Scanning
• Less detection of false positive

Incentivized

• It's recognize threat and offering easily.
• Helps in security management and installing patches.
• Tanium offers endpoint data precisely, merges many teams and processes effectively.
• It's protect from all kinds of malicious threat and help you to achieve your task.

Incentivized

• Reporting could be better
• Can be an involved setup if your organization is not using common build tools
• Users get spammed with a lot of email updates from the service

Incentivized

• One issue is its ring topology, as the data is stored in central hubs and pushed through its peer nodes. If the central hub fails, then the associated node will also result in failure.
• Another problem is that all Tanium management is on premises requiring the customer to maintain it. If we want ask any help from Tanium support we always get a response like "you are maintaining it yourselves and it's your responsibility.
• The Tanium User Interface could be improved a bit as, although the tool is rich in performance, a more impressive UI might really attract new customers.

Incentivized

Since every firm needs to perform static code analysis on their applications, I believe Micro Focus Fortify WebInspect would work well for them (they also offer dynamic scanning, although I haven't used it myself). Different static analysis tools scan code in different ways, and Micro Focus Fortify WebInspect asks you to submit a complete build of the application along with debugging files. Depending on how your company builds its apps, this requirement may be simple or challenging.

Incentivized

It is a cloud-based platform which can provide us a very useful and unique features like Application Assessment, Scans, Vulnerability Test, Comprehensive Reporting, Monitoring, etc. Fortify by Open Text is also outstanding in various parameters for the support and integration and it is highly adaptable in various DevOps Program where you need secure app testing with all given features.

Incentivized

Always receive excellent support from the vendor. No issues there.

Incentivized

Fortify Application Defender is a little more timely and upfront with a lot of their information on cyber security. we like what they provide and how they communicate with our users. I think they have a good understanding and practice in their field. they seem best suited for us and the best fit.

Incentivized

Tanium is always my first choice, so much excellent feedback online from genuine users, easy to use in any system environment, and value for money, so many good things about Tanium stacks up against all the other competitors in the market. Tanium is one of the most reliable and trusted risk and compliance management software.

Incentivized

• DevSecOps helped in reducing efforts
• License cost was less
• We could roll out double the count of applications with implementation of WebInspect

Incentivized

• Enhanced security.
• Increase in customer trust.
• Overall increase in company revenue.

Incentivized