We performed a comparison between Fortify on Demand and ShiftLeft based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"The solution is user-friendly."
"Audit workbench: for on-the-fly defect auditing."
"The vulnerability detection and scanning are awesome features."
"The most valuable features are the detailed reporting and the ability to set up deep scanning of the software, both of which are in the same place."
"Fortify supports most languages. Other tools are limited to Java and other typical languages. IBM's solutions aren't flexible enough to support any language. Fortify also integrates with lots of tools because it has API support."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"The user interface is good."
"When it comes to ShiftLeft, the most valuable feature is definitely its ease of use and cost-effectiveness."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
"They could provide features for artificial intelligence similar to other vendors."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
"We have some stability issues, but they are minimal."
"There were some regulated compliances, which were not there."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"It does scanning for all virtual machines and other things, but it doesn't do the scanning for containers. It currently lacks the ability to do the scanning on containers. We're asking their product management team to expand this capability to containers."
"Having support from senior management is crucial in making it mandatory for teams to collaborate with the security team throughout the development process."
Fortify on Demand is ranked 10th in Application Security Tools with 57 reviews while ShiftLeft is ranked 26th in Application Security Tools with 1 review. Fortify on Demand is rated 8.0, while ShiftLeft is rated 10.0. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of ShiftLeft writes "Effectively in identify and fix bugs early in the development lifecycle". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas ShiftLeft is most compared with SonarQube and Black Duck.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.