Overview
Product Information on OpenText Static Application Security Testing (Fortify)
What is OpenText Static Application Security Testing (Fortify)?
OpenText Static Application Security Testing (Fortify) Pricing
Overall experience with OpenText Static Application Security Testing (Fortify)
“Minimizing False Positives: The Best Tool for Large Companies”
“Fortify Trusted for SAST Yet Faces Challenges with Scan Times and Dashboards”
About Company
Company Description
OpenText powers and protects information. As a global secure information management provider for businesses, OpenText tools span content management, artificial intelligence (AI), cybersecurity, cloud, and business networks. For over 30 years, OpenText has helped organizations manage and protect their data and documents while modernizing their information architecture. Its integrated hub connects information across departments and applications to enhance employee experience, productivity, and collaboration, while making information structured and searchable through AI, machine learning, and semantic search. In addition, OpenText delivers endpoint security and digital life protection solutions to safeguard businesses against cyberattacks and data breaches.
Company Details
Do You Manage Peer Insights at OpenText?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: OpenText Static Application Security Testing (Fortify)
Deciding Factors: OpenText Static Application Security Testing (Fortify) Vs. Market Average
Performance of OpenText Static Application Security Testing (Fortify) Across Market Features
OpenText Static Application Security Testing (Fortify) Likes & Dislikes
Accuracy and performance for large scale applications is very good.
It is a well known product. Auditors have never shown concern with using Fortify for SAST.
Excellent source code security scanning tools
Expensive and set up can be complex.However, support teams are very helpful and solve problems very fast.
1. Poor scan times. Scans on large apps over 2 million lines of code run for 24 hours 2. Poor dashboards. I have been unable to use the dashboards to report KPI data to executives. I was required to create PowerBI or Excel reports on exported data to satisfy this need 3. High noise: Fine tuning Fortify is complex. It is possible, but you must either develop scan rules or use their on premist Fortify Security Assistant that doesn't function properly
better server support
Top OpenText Static Application Security Testing (Fortify) Alternatives
Peer Discussions
OpenText Static Application Security Testing (Fortify) Reviews and Ratings
- Manager, It Security And Risk Management50M-1B USDHealthcare and BiotechReview Source
Fortify Trusted for SAST Yet Faces Challenges with Scan Times and Dashboards
I have been a Fortify customer for 7 years now and have administered and deployed FoD as well as their on premise engine (Software Security Center and Static Code Analysis). The scan results are trustworthy, but I have found that Fortify produces high false positives. The system overall is trustworthy, but for modern applications that must deliver scanning at devsecops speeds it is behind. I would only suggest fortify for large enterprises that can wait on scan results and have the budget for many vendors tools. - CYBERSECURITY SPECIALIST10B+ USDBankingReview Source
Minimizing False Positives: The Best Tool for Large Companies
It is the best in the area. There are fewer false positives.Good for big companies. - DEVOPS50M-1B USDMiscellaneousReview Source
Delving into the Strengths and Weaknesses of Esteemed Security Code Scanner
Excellent Software security code scanning product to uncover flaws - Manager of IT Services1B-10B USDTelecommunicationReview Source
Fortify Explores AI and Machine Learning for Enhanced Security Solutions
We have been using fortify for more than 5 years now. It's a comprehensive solution with the largest rules based on my research. While accuracy is debatable and I believe it's the same for all the static solutions I guess. It can be resource intensive for some programming languages so you need to consider good resourcing for your scanning machines when it comes to use fortify to its great potential. Fortify has announced that they are embarking on a journey in AI and machine learning to enhance and reduce noise and build auto remediation features in Fortify, which I believe will be very useful to our company and the team. - IT Associate50M-1B USDIT ServicesReview Source
Senior Software Consultant Endorses Fortify SCA
As a senior software consultant who has used many static analysis tools in past years, I can confidently say that fortify SCA stands out as the best in class solution. Here are the reasons why it is a great solution. Extensive language support Low false positive rate: Especially with the latest versions Rules customization options AI feature that saves tons of my time. The AI feature simply audits the issue. Scan performance is always better compared to other competitors.