Last updated on
Company health
Ratings
OpenText Fortify Static Code Analyzer description
OpenText Fortify Static Code Analyzer is a security tool that scans your software's blueprints (source code) for potential weaknesses early in the development process. It supports a wide range of programming languages and integrates with popular development tools. It helps find and fix security issues before your software is released, reducing the risk of costly data breaches and protecting your company's reputation. Fortify Static Code Analyzer helps development teams build secure software faster and more efficiently.
What companies are using OpenText Fortify Static Code Analyzer?
Who is OpenText Fortify Static Code Analyzer best for
OpenText Fortify Static Code Analyzer is great for orgs building complex apps and need security baked into their CI/CD pipelines. Users highlight its extensive language support and IDE integration, making it easy to find and fix vulnerabilities early. Keep in mind that some users mention a high rate of false positives.
-
Perfect for mid-sized to large companies (100+ employees) that need to bake security into their development lifecycle.
-
We see this working well for software, IT, telecom, finance, banking, insurance, and healthcare companies.
OpenText Fortify Static Code Analyzer features
Supported Developer-friendly Language Coverage: Supports a wide range of programming languages, including ABAP/BSP, ActionScript, Apex, ASP.NET, C# (.NET), C/C++, Classic ASP (with VBScript), COBOL, ColdFusion CFML, Go, HTML, Java (including Android), JavaScript/AJAX, JSP, Kotlin, and more. |
Supported Flexible Deployment Options: Offers flexible deployment options such as SaaS-based Fortify On Demand platform, Fortify Hosted (combining SaaS and on-premises features), and Fortify On-Prem (full control over the solution). |
Supported Real-time Code Security Analysis and Results: Provides structural and configuration analyzers designed for speed and efficiency. Security Assistant delivers high-confidence findings with immediate results within the IDE. |
Supported Automation with Applied Machine Learning: Automates audit results in minutes using machine learning, minimizing auditor workload and prioritizing issues with accurate and consistent outcomes. |
Supported Seamless IDE Integration: Integrates seamlessly with popular IDEs like Eclipse, IntelliJ IDEA, Microsoft Visual Studio, and VS Code, reducing context switching and increasing developer productivity. |
Supported Extensive Vulnerability Coverage: Identifies a broader range of vulnerability categories than other static code analyzers, enhancing the quality of static application security testing (SAST). |
Supported Prioritization and Remediation Guidance: Prioritizes vulnerabilities to focus on exploitable and critical issues, facilitating faster remediation of the most important issues. |
Supported Advanced Reporting and Analysis: Provides advanced reporting and analysis capabilities to view individual vulnerabilities, track trends, and aggregate findings across projects for portfolio-level insights. |
OpenText Fortify Static Code Analyzer reviews
We've summarised 24 OpenText Fortify Static Code Analyzer reviews (OpenText Fortify Static Code Analyzer G2 reviews) and summarised the main points below.
- Extensive support for a wide range of programming languages (34+).
- Seamless integration with popular IDEs (IntelliJ, Visual Studio, Android Studio) and CI/CD pipelines.
- Detailed vulnerability descriptions and remediation recommendations.
- Flexible deployment options (on-premise, cloud, SaaS).
- Comprehensive reporting features, including customizable reports and dashboards.
- High rate of false positives requiring manual review and validation.
- Initial setup and configuration can be complex and time-consuming.
- Dependencies on JRE configurations can slow down compilation and analysis.
- Limited or no support for scanning Dockerfiles.
- Occasional issues with newer language syntax leading to inaccurate results.
OpenText Fortify Static Code Analyzer alternatives
OpenText Fortify Static Code Analyzer FAQ
OpenText Fortify Static Code Analyzer helps developers find and fix security flaws in their software's source code early in the development process. We find it supports many programming languages and integrates with popular development tools, enabling teams to build secure software efficiently.
What is OpenText Fortify Static Code Analyzer and what does OpenText Fortify Static Code Analyzer do?
OpenText Fortify Static Code Analyzer helps developers find and fix security flaws in their software's source code early in the development process. We find it supports many programming languages and integrates with popular development tools, enabling teams to build secure software efficiently.
OpenText Fortify Static Code Analyzer integrates seamlessly with popular IDEs like Eclipse, IntelliJ IDEA, Microsoft Visual Studio, and VS Code. It also supports various deployment options, including cloud-based and on-premise solutions, offering flexibility for different development environments.
How does OpenText Fortify Static Code Analyzer integrate with other tools?
OpenText Fortify Static Code Analyzer integrates seamlessly with popular IDEs like Eclipse, IntelliJ IDEA, Microsoft Visual Studio, and VS Code. It also supports various deployment options, including cloud-based and on-premise solutions, offering flexibility for different development environments.
We find that OpenText Fortify Static Code Analyzer's main competitors include Coverity, Checkmarx SAST, Snyk Code, and Veracode Static Analysis. These tools offer similar static application security testing (SAST) capabilities.
What the main competitors of OpenText Fortify Static Code Analyzer?
We find that OpenText Fortify Static Code Analyzer's main competitors include Coverity, Checkmarx SAST, Snyk Code, and Veracode Static Analysis. These tools offer similar static application security testing (SAST) capabilities.
Yes, OpenText Fortify Static Code Analyzer is a legitimate and established static application security testing (SAST) tool. We find it's known for its broad language support and integrations, helping developers find and fix security vulnerabilities early in the software development lifecycle.
Is OpenText Fortify Static Code Analyzer legit?
Yes, OpenText Fortify Static Code Analyzer is a legitimate and established static application security testing (SAST) tool. We find it's known for its broad language support and integrations, helping developers find and fix security vulnerabilities early in the software development lifecycle.
I'm sorry, but pricing information for OpenText Fortify Static Code Analyzer is not available at this time. Contact OpenText directly for pricing details.
How much does OpenText Fortify Static Code Analyzer cost?
I'm sorry, but pricing information for OpenText Fortify Static Code Analyzer is not available at this time. Contact OpenText directly for pricing details.
There are no customer service reviews available at the moment. Therefore, I cannot provide insights into OpenText Fortify Static Code Analyzer's customer service quality.
Is OpenText Fortify Static Code Analyzer customer service good?
There are no customer service reviews available at the moment. Therefore, I cannot provide insights into OpenText Fortify Static Code Analyzer's customer service quality.
Reviewed by
Michal has worked at startups for many years and writes about topics relating to software selection and IT management. As a former consultant for Bain, a business advisory company, he also knows how to understand needs of any business and find solutions to its problems.
Tymon is a seasoned CTO who loves finding the perfect tools for any task. He recently headed up the tech department at Batmaid, a well-known Swiss company, where he managed about 60 software purchases, including CX, HR, Payroll, Marketing automation and various developer tools.
An AI tool that observes your work, finds inefficiencies, and suggests smarter ways to do things. Maybe you can use your tools better, automate tasks, or switch software.