The solution has been quite stable over the years.
We've found the documentation to be very good.
When there are issues, there is a lot of explanation about what they are and how to solve problems. Communication is very clear.
Stable, with good documentation but the pricing is a bit high
Pros and Cons
- "We've found the documentation to be very good."
- "The pricing is a bit high."
What is most valuable?
What needs improvement?
The pricing is a bit high.
We have not enough for really sharing between with editor. Therefore, we have to use an older version of a product.
For how long have I used the solution?
We've used the solution for 12 or so years at this point. It's been well over a decade. We've used it for quite a while.
What do I think about the stability of the solution?
The stability of the solution is pretty good. There are no bugs or glitches. It doesn't crash or freeze. It's pretty reliable.
Buyer's Guide
Fortify Static Code Analyzer
May 2025
Learn what your peers think about Fortify Static Code Analyzer. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
851,823 professionals have used our research since 2012.
How are customer service and support?
Technical support is good. When we put in requests, we get feedback and results. Older requests get treated with priority, and newer requests go into a queue.
What's my experience with pricing, setup cost, and licensing?
The pricing of the solution is a bit high. It would be nice if it was more competitive.
Which other solutions did I evaluate?
While we do want to continue to use the product, we want to negotiate with Microsoft about the licensing. in the meantime, we will likely evaluate a few other options.
What other advice do I have?
We're just an end-user and a customer. We don't have a business relationship with Fortify.
We are not using the latest version of the solution right now. We're waiting for the Fortify version with PCI DSS 4.0.
I'd rate the solution at a six out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cloud Security Analyst at a agriculture with 1-10 employees
Identifies issues like password credentials and access keys embedded in the code
Pros and Cons
- "Integrating the Fortify Static Code Analyzer into our software development lifecycle was straightforward. It highlights important information beyond just syntax errors. It identifies issues like password credentials and access keys embedded in the code."
- "The product shows false positives for Python applications."
Buyer's Guide
Download our free Fortify Static Code Analyzer Report and get advice and tips from experienced pros
sharing their opinions.
Updated: May 2025
Product Categories
Static Code AnalysisPopular Comparisons
Buyer's Guide
Download our free Fortify Static Code Analyzer Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the difference between SAST and SCA tools?
- When evaluating Static Code Analysis Software, what aspect do you think is the most important to look for?
- Differences between Black Duck & Veracode
- What is your recommended static code analysis tool for JavaScript and C/C++?
- Is there an automated way to validate and enforce requirements for application security when creating components, and cloud environments?
- Why is Static Code Analysis important for companies?
