We performed a comparison between Fortify on Demand and Polyspace Code Prover based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortify on Demand is easy to use and the reporting is good."
"Micro Focus WebInspect and Fortify code analysis tools are fully integrated with SSC portals and can instantly register to error tracking systems, like TFS and JIRA."
"Its ability to perform different types of scans, keep everything in one place, and track the triage process in Fortify SSC stands out."
"Fortify helps us to stay updated with the newest languages and versions coming out."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"The solution is user-friendly. One feature I find very effective is the tool's automatic scanning capability. It scans replicas of the code developers write and automatically detects any vulnerabilities. The integration with CI/CD tools is also useful for plugins."
"The solution is very fast."
"We have the option to test applications with or without credentials."
"The product detects memory corruptions."
"Polyspace Code Prover is a very user-friendly tool."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"The outputs are very reliable."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers."
"Sometimes when we run a full scan, we have a bunch of issues in the code. We should not have any issues."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"There are many false positives identified by the solution."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
"They could provide features for artificial intelligence similar to other vendors."
"Using Code Prover on large applications crashes sometimes."
"The tool has some stability issues."
"One of the main disadvantages is the time it takes to initiate the first run."
"I'd like the data to be taken from any format."
"Automation could be a challenge."
Fortify on Demand is ranked 10th in Application Security Tools with 57 reviews while Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews. Fortify on Demand is rated 8.0, while Polyspace Code Prover is rated 7.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Polyspace Code Prover is most compared with SonarQube, Coverity, Klocwork, CodeSonar and Semmle QL. See our Fortify on Demand vs. Polyspace Code Prover report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.