OpenText Core Application Security Reviews & Product Details

Scans are thorough, easily distributed. Branding. Perceived integration. Review collected by and hosted on G2.com.

Returns many false positives - for example identifies any variable with the name 'key' as a stored encryption key violation. Doesn't understand the context of code, or entry points for an exploit. Cumbersome in execution (will monopolize a machine's resources while running). Review collected by and hosted on G2.com.

There is a good flexibility of the demand ability Review collected by and hosted on G2.com.

Customer service has not been great. Not intuitive so takes some time to get really into it. Review collected by and hosted on G2.com.

We use the HP Fortify on Demand SaaS, this allows us to free up resources from having to spend time maintaining the infrastructure.

The product allows for RBAC, which helps in allowing appropriate access at all levels.

We have implemented a process of Scan-at-Build, this allows us to ensure that continuous testing is performed.

Additionally, we have enabled SSO, so that developers are able to login to check results as well as add commentary information. Review collected by and hosted on G2.com.

One thing that I would like to see improved is the capability for the platform to be able to send alerts on detection of findings. This would allow for stakeholders to be made aware, and take action Review collected by and hosted on G2.com.

it helps spot any flaws in our security application system. Review collected by and hosted on G2.com.

I feel there should me more sell package options Review collected by and hosted on G2.com.

Fortify has a magical dashboard where you can find and detect your security issues in your applications. Review collected by and hosted on G2.com.

I would like a more flexible GUI to edit and design reports. Review collected by and hosted on G2.com.

The response time for analysis report is pretty fast and very well detailed. The reports are very granular and the communication with the vendor is pretty much instantaneous. Review collected by and hosted on G2.com.

Sometimes the level of effort to fight a "red flag" in the code can be overwhelming. This requires engaging senior level people to agree on something. It feels like going through an audit and having to fight the major discrepancies. That is very time consuming. Review collected by and hosted on G2.com.

Microfocus fortify is one of best security vulnerability scanning tool . It helps to mitigate the security risks before launching the application Review collected by and hosted on G2.com.

There is nothing much to dislike about this tool Review collected by and hosted on G2.com.

Client portal is real helpful. Projects status in real time creates a streamlined process internally and externally. Review collected by and hosted on G2.com.

Currently we have not delve very far into the program to have dislikes. Review collected by and hosted on G2.com.

I appreciate the interface for backlog management as well as the test management structure Review collected by and hosted on G2.com.

Better functionality could be added for release management Review collected by and hosted on G2.com.

Excellent service and support, technology and road map meet our requirements the best. Review collected by and hosted on G2.com.

Good flex on demand ability but lack of visibility to the actual testing done Review collected by and hosted on G2.com.