We performed a comparison between Acunetix and Fortify on Demand based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."For us, the most valuable aspect of the solution is the log-sequence feature."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"The solution is highly stable."
"I haven't seen reporting of that level in any other tool."
"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"It has saved us a lot of time as we focus primarily on programming rather than tool operational work."
"Being able to reduce risk overall is a very valuable feature for us."
"The SAST feature is the most valuable."
"Fortify on Demand is easy to use and the reporting is good."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"t's a cloud-based solution, so there was no installation involved."
"This product is top-notch solution and the technology is the best on the market."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"The vulnerability identification speed should be improved."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"There's a clear need for a reduction in pricing to make the service more accessible."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"Not fully integrated with CIT processes."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
"We have some stability issues, but they are minimal."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"I would like the solution to add AI support."
"With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities."
Acunetix is ranked 17th in Application Security Tools with 26 reviews while Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews. Acunetix is rated 7.6, while Fortify on Demand is rated 8.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Fortify WebInspect, whereas Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect. See our Acunetix vs. Fortify on Demand report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.