Secure your software with frequent and automated scans
December 09, 2019

Secure your software with frequent and automated scans

Gene Baker | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Fortify on Demand (formerly HP Fortify on Demand)

We use Fortify on our applications to perform SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing). This is an Enterprise approved product and it is part of a suite of products used across the enterprise. This is NOT the only product we use for our testing, but part of a suite of products.
  • SAST
  • DAST
  • Manage Software Security Risk
  • Automation
  • Compliance
  • Integration
  • Cross module compliance
  • Good as part of our security suite to help prevent successful attacks.
  • Reporting of defects helps to educate developers.
  • Worth the price we paid.
CAST in my opinion provides a far superior product in that it can parse in an entire suite of applications and do scans across modules. HP Fortify probably has deeper and more current scanning so I think both products complement each other. I would not rely solely on Fortify and would try to have that as part of the mix of products. Overall it's a good product. We use Fortify because the Enterprise has made that a mandatory part of our security suite.
Always receive excellent support from the vendor. No issues there.

Do you think Micro Focus Fortify on Demand delivers good value for the price?

Yes

Are you happy with Micro Focus Fortify on Demand's feature set?

Yes

Did Micro Focus Fortify on Demand live up to sales and marketing promises?

Yes

Did implementation of Micro Focus Fortify on Demand go as expected?

Yes

Would you buy Micro Focus Fortify on Demand again?

Yes

Integrated as part of our CI / CD chain. Scans are done in an automated fashion and defects are reported out and tracked. Easy to use, easy to integrate. Very pleased with the product. It does not perform cross module analysis scanning for vulnerabilities that may cross applications as well as it could, but it's pretty close.