In my opinion, there are no areas that could be improved with Fortify Software Security Center. I would say it is a good product and a mature product. However, the SAST has many improvement areas. As I mentioned, for demand, it is a must for SAST, and they have to involve the other four pillars to complete the whole solution. We are currently adding Kiuwan or SonarQube to the whole solution to complete it.
I would like the false positive issue to diminish. I have experienced a lot of false positives, but I think this is due to using an older version. I hope the new version will resolve my problem.
Improvements needed for Software Security Center include better aggregation views of datasets. I desire additional features like trend analysis or deeper views of vulnerability data based on analysis. I also wish for features similar to those found in a SIM tool to see different data trends and log correlation.
The integrability of this solution can be improved. Integration with other tools such as Jira is needed. We are having issues with false positives that need to be resolved. Being able to save reports in different formats would be helpful because they could be imported into other tools or repositories. Technical support should respond more quickly to requests and inquiries. In the next release, I would like to see a more streamlined output that is easy to manage. They do have a dashboard now, but it can be improved by making it simpler.
Find out what your peers are saying about OpenText, Checkmarx, Invicti and others in Static Application Security Testing (SAST). Updated: January 2026.
Head Of Information Security at a tech services company with 51-200 employees
Real User
Aug 7, 2019
This solution is difficult to implement, and it should be made more comfortable for the end-users. Additional documentation may help, but the process overall should be made easier. Technical support is not good, as they respond slowly. I would like to see different channels of support, and different methods to contact them, such as adding WhatsApp support. I would like to see more engineers and better response time. Even solving problems should be better. The documentation is not clear and needs to be improved.
SAST is a method designed to detect security vulnerabilities within an application's source code. By analyzing the code structure, SAST identifies potential flaws early in the development cycle, promoting secure coding practices and reducing the risk of security issues in production.
Unlike dynamic testing that examines an application during runtime, SAST operates on static code analysis. This early detection capability is crucial as it enables developers to address vulnerabilities before...
In my opinion, there are no areas that could be improved with Fortify Software Security Center. I would say it is a good product and a mature product. However, the SAST has many improvement areas. As I mentioned, for demand, it is a must for SAST, and they have to involve the other four pillars to complete the whole solution. We are currently adding Kiuwan or SonarQube to the whole solution to complete it.
I would like the false positive issue to diminish. I have experienced a lot of false positives, but I think this is due to using an older version. I hope the new version will resolve my problem.
Improvements needed for Software Security Center include better aggregation views of datasets. I desire additional features like trend analysis or deeper views of vulnerability data based on analysis. I also wish for features similar to those found in a SIM tool to see different data trends and log correlation.
The product's overlap feature is restrictive and requires more customization efforts, which can be expensive.
Fortify Software Security Center's setup is really painful.
The integrability of this solution can be improved. Integration with other tools such as Jira is needed. We are having issues with false positives that need to be resolved. Being able to save reports in different formats would be helpful because they could be imported into other tools or repositories. Technical support should respond more quickly to requests and inquiries. In the next release, I would like to see a more streamlined output that is easy to manage. They do have a dashboard now, but it can be improved by making it simpler.
This solution is difficult to implement, and it should be made more comfortable for the end-users. Additional documentation may help, but the process overall should be made easier. Technical support is not good, as they respond slowly. I would like to see different channels of support, and different methods to contact them, such as adding WhatsApp support. I would like to see more engineers and better response time. Even solving problems should be better. The documentation is not clear and needs to be improved.