247
Back to Top

HPE Fortify Ultimate Edition - license - 1 license

Mfg. Part: H7S87AAE | CDW Part: 4111077 | UNSPSC: 43233205
$150,261.40Advertised Price
Lease Option ($3,987.94 /month) Lease Availability
Close

Have leasing questions? Let us know how can we help.

Note: Leasing is available to organizations only. Leasing is not available to individuals.
800.808.4239
Mon-Fri 7am-7:30pm CT
Availability:In Stock
Ships same day if ordered before 4 PM CT
  • License
  • electronic
View More
Product Overview
Main Features
  • License
  • electronic
Software security solutions from HP Fortify cover your entire software development lifecycle (SDLC) for mobile, third party and website security. HP Fortify can be deployed as a service, in-house or in a hybrid model using the best of both. This flexible delivery model allows you to get started quickly and scale as needed.

Technical Specifications
Specifications are provided by the manufacturer. Refer to the manufacturer for an explanation of the print speed and other ratings.
Software
Distribution Media: Electronic
License Category: License
License Qty: 1 license
License Type: License

Header
Brand: HPE
Compatibility: PC
Manufacturer: HP Software
Model: Ultimate Edition
Packaged Quantity: 1
Product Line: HPE Fortify

General
Category: Security applications
Installation Type: Locally installed
Subcategory: Security - security suite

Product Reviews
HPE Fortify Ultimate Edition - license is rated 3.7 out of 5 by 7.
Rated 4 out of 5 by from We can load the details and within a few days, receive the results of intrusion attacks, although it needs to have better packaged reporting capabilities. Valuable Features:* The ability to utilize the Client Portal, which provided my clients with a view of the project status, vulnerabilities and needed remediation steps in real-time* I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification* The process was easy to follow and we were supported by 24/7 by TAM personnel to help with any fire drills. This was helpful many times when I needed a quick answer late at night or early in the morningImprovements to My Organization:The HP FoD effort allowed my client to utilize this service anytime their internal IT team was overwhelmed with workloads. FoD gives them an option to utilize the additional HP Services when they are overwhelmed with other IT Security needs across the company.Room for Improvement:* I believe that sales packages should be posted for single applications, and packages of multiple applications. For example, we have one-time a package for single applications, and 12 month unlimited use for static and a package for static & dynamic testing. It would be nice to see packages posted for a single application, and groups of three, five, or 10 applications. More than 10 applications would need to be custom pricing like you have today.* I would like it to be easier to understand, and have better packaged reporting capabilities. For most of the reporting I needed, I exported to Excel and then had to produce more visually accepted reports for Executive Clients. With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities.Use of Solution:The solution was used for approximately three months. We were supposed to be done in one month, but different priorities made our client come back to the solution after two months to wrap up the effort.Stability Issues:Because the product is based on HP’s Fortify Platform, the product is great.Scalability Issues:I can’t answer this question appropriately yet as I only utilized the service for one application so far.Customer Service:10/10 - Christine Bobba, Gerald and the whole TAM Team were very supportive. Stuart Ward does a great job running his TAM Team focused on customer service.Technical Support:Jason Powell was really support from a technical perspective. He was able to quickly gather the details we needed to resolve security issues with the code or set up.Previous Solutions:I’ve used Rapid7 and Qualys Security Solutions in Managed Service Environments for previous clients. Both are really good solutions, but I’ve not utilized any other On-Demand Solution.I switched because my client uses HP as its core product set. I needed to use Fortify and the FoD Solution allowed me to be up and running within a few short days.Initial Setup:Super easy deployment and usage of the scanning capabilities. The setup was straightforward, and the ability to enter data and start the correct scan was intuitive.ROI:We did not charge for the product, we charged for our PMO Services to run the product.Pricing, Setup Cost and Licensing:We used the one-time application, Security Scan Dynamic. I believe the original fee was $8,000.I would suggest, and I have, that companies should utilize the 12 month unlimited test package.Other Solutions Considered:I searched online and FoD allowed me the best opportunity for success due to my client’s timeline.Disclaimer: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Date published: 2017-09-01
Rated 4 out of 5 by from Helps us identify security vulnerability earlier in the development. Valuable Features:We identified a lot of security vulnerability much earlier in the development and could fix this well before the product was rolled out to a huge number of clients.Improvements to My Organization:Security of our applications is a huge concern for everyone now. Using quality products like HPE’s Fortify helped us minimize issues raised by the clients. Therefore, customer satisfaction in terms of the security was high.Room for Improvement:The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there. Also, the comments added on each issue were getting lost on multiple iterations of scans, which could be fixed.Use of Solution:I have used it for one year.Deployment Issues:Performance of the Visual Studio plugin was not acceptable.Technical Support:Technical support is very good. We had a few issues in the initial setup and the HPE team’s support was commendable.Previous Solutions:I did not previously use a different solution.Initial Setup:Initial setup was complex; we ran into lot of memory issues. The Visual Studio plugin was not responsive, either.Implementation Team:An in-house team implemented it. Don’t use the Visual Studio plugin, unless your solution is really small. Otherwise, use the command line setup.Other Solutions Considered:It’s a tool used at the enterprise level; hence, I did not have a chance to explore other options.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-05-17
Rated 4 out of 5 by from Helps us identify security vulnerability earlier in the development. Valuable Features:We identified a lot of security vulnerability much earlier in the development and could fix this well before the product was rolled out to a huge number of clients.Improvements to My Organization:Security of our applications is a huge concern for everyone now. Using quality products like HPE’s Fortify helped us minimize issues raised by the clients. Therefore, customer satisfaction in terms of the security was high.Room for Improvement:The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there. Also, the comments added on each issue were getting lost on multiple iterations of scans, which could be fixed.Use of Solution:I have used it for one year.Deployment Issues:Performance of the Visual Studio plugin was not acceptable.Technical Support:Technical support is very good. We had a few issues in the initial setup and the HPE team’s support was commendable.Previous Solutions:I did not previously use a different solution.Initial Setup:Initial setup was complex; we ran into lot of memory issues. The Visual Studio plugin was not responsive, either.Implementation Team:An in-house team implemented it. Don’t use the Visual Studio plugin, unless your solution is really small. Otherwise, use the command line setup.Other Solutions Considered:It’s a tool used at the enterprise level; hence, I did not have a chance to explore other options.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-05-17
Rated 3 out of 5 by from Our client uses the audit workbench for on-the-fly defect auditing. .NET code scanning is still dependent on building the code base before running any scan. Valuable Features:* Scan wizard: for configuring large scans* Audit workbench: for on-the-fly defect auditing* CLI: to integrate the tool into CI/CDImprovements to My Organization:Security defects are captured early in the lifecycle and fixed quicker. Usage of Fortify has made developers more aware about security vulnerabilities and their consequences, as well as various secure programming practices.Room for Improvement:.NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio.More conventional reporting formats need to be provided.Also, a provision should be available to generate customized reports.Use of Solution:I have used it for a year and four months.Stability Issues:For code bases heavy on JavaScript, the static scan takes a long time (as long as two days). Even then, the scan crashes at times. Increasing system memory doesn't seem to improve the situation (tried with 16/32 GB system memory).It requires a high-end system with 8/16/32 GB RAM for stable performance.Technical Support:I haven't reached out to HP Support so far.Previous Solutions:I did not previously use any product for static application security.Initial Setup:Initial setup is quite easy.Cost and Licensing Advice:Buying a license would be feasible for regular use. For intermittent use, the cloud-based option can be used (Fortify on Demand).Other Solutions Considered:Before choosing this product, we evaluated Veracode ( https://www.itcentralstation.com/products/veracode ) and Checkmarx ( https://www.itcentralstation.com/products/checkmarx ) (among licensed), and FindBugs and Yasca (among free).Other Advice:If you are already using HPE tools and services such as ALM, then Fortify is a good option, as it provides out-of-the-box support for these. Scanning capability-wise, the tool is decent enough, and is also easy to use. However, it generates a large number of false positives after a scan, which can be tedious to verify manually.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-05-17
Rated 3 out of 5 by from Our client uses the audit workbench for on-the-fly defect auditing. .NET code scanning is still dependent on building the code base before running any scan. Valuable Features:* Scan wizard: for configuring large scans* Audit workbench: for on-the-fly defect auditing* CLI: to integrate the tool into CI/CDImprovements to My Organization:Security defects are captured early in the lifecycle and fixed quicker. Usage of Fortify has made developers more aware about security vulnerabilities and their consequences, as well as various secure programming practices.Room for Improvement:.NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio.More conventional reporting formats need to be provided.Also, a provision should be available to generate customized reports.Use of Solution:I have used it for a year and four months.Stability Issues:For code bases heavy on JavaScript, the static scan takes a long time (as long as two days). Even then, the scan crashes at times. Increasing system memory doesn't seem to improve the situation (tried with 16/32 GB system memory).It requires a high-end system with 8/16/32 GB RAM for stable performance.Technical Support:I haven't reached out to HP Support so far.Previous Solutions:I did not previously use any product for static application security.Initial Setup:Initial setup is quite easy.Cost and Licensing Advice:Buying a license would be feasible for regular use. For intermittent use, the cloud-based option can be used (Fortify on Demand).Other Solutions Considered:Before choosing this product, we evaluated Veracode ( https://www.itcentralstation.com/products/veracode ) and Checkmarx ( https://www.itcentralstation.com/products/checkmarx ) (among licensed), and FindBugs and Yasca (among free).Other Advice:If you are already using HPE tools and services such as ALM, then Fortify is a good option, as it provides out-of-the-box support for these. Scanning capability-wise, the tool is decent enough, and is also easy to use. However, it generates a large number of false positives after a scan, which can be tedious to verify manually.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-05-17
Rated 4 out of 5 by from We can load the details and within a few days, receive the results of intrusion attacks, although it needs to have better packaged reporting capabilities. Valuable Features:* The ability to utilize the Client Portal, which provided my clients with a view of the project status, vulnerabilities and needed remediation steps in real-time* I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification* The process was easy to follow and we were supported by 24/7 by TAM personnel to help with any fire drills. This was helpful many times when I needed a quick answer late at night or early in the morningImprovements to My Organization:The HP FoD effort allowed my client to utilize this service anytime their internal IT team was overwhelmed with workloads. FoD gives them an option to utilize the additional HP Services when they are overwhelmed with other IT Security needs across the company.Room for Improvement:* I believe that sales packages should be posted for single applications, and packages of multiple applications. For example, we have one-time a package for single applications, and 12 month unlimited use for static and a package for static & dynamic testing. It would be nice to see packages posted for a single application, and groups of three, five, or 10 applications. More than 10 applications would need to be custom pricing like you have today.* I would like it to be easier to understand, and have better packaged reporting capabilities. For most of the reporting I needed, I exported to Excel and then had to produce more visually accepted reports for Executive Clients. With Rapid7 I utilized its reporting capabilities to deliver Client Reports within just a few minutes of checking the data. I believe that HP’s FoD Clients could sell more services to clients if HP put more effort into delivering visually pleasing reporting capabilities.Use of Solution:The solution was used for approximately three months. We were supposed to be done in one month, but different priorities made our client come back to the solution after two months to wrap up the effort.Stability Issues:Because the product is based on HP’s Fortify Platform, the product is great.Scalability Issues:I can’t answer this question appropriately yet as I only utilized the service for one application so far.Customer Service:10/10 - Christine Bobba, Gerald and the whole TAM Team were very supportive. Stuart Ward does a great job running his TAM Team focused on customer service.Technical Support:Jason Powell was really support from a technical perspective. He was able to quickly gather the details we needed to resolve security issues with the code or set up.Previous Solutions:I’ve used Rapid7 and Qualys Security Solutions in Managed Service Environments for previous clients. Both are really good solutions, but I’ve not utilized any other On-Demand Solution.I switched because my client uses HP as its core product set. I needed to use Fortify and the FoD Solution allowed me to be up and running within a few short days.Initial Setup:Super easy deployment and usage of the scanning capabilities. The setup was straightforward, and the ability to enter data and start the correct scan was intuitive.ROI:We did not charge for the product, we charged for our PMO Services to run the product.Cost and Licensing Advice:We used the one-time application, Security Scan Dynamic. I believe the original fee was $8,000.I would suggest, and I have, that companies should utilize the 12 month unlimited test package.Other Solutions Considered:I searched online and FoD allowed me the best opportunity for success due to my client’s timeline.Disclaimer: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Date published: 2015-10-11
Rated 4 out of 5 by from It provides an independent review of third-party applications, allowing organizations to test software before purchasing. But try the free version first as there's no "right" way to measure ROI. Valuable Features:I was able to quickly pass compliance with HIPAA.Correlated static and dynamic results with detailed priority guidance.Accurate results, tailored to each application.All results manually reviewed by application security experts .Central testing program management for all applications.Improvements to My Organization:HP Fortify on Demand provides an independent review of third-party applications, allowing organizations to test software before purchasing, and also allowing software vendors to demonstrate the security of their software. Third-party vendors can upload the source code and/or provide a URL, review the results, and then publish a report back to their customer.This service compels commercial vendors to take action to proactively fix vulnerabilities, while allowing them to remain in control of their applications. Security professionals can demand that high-priority problems be addressed and verified during the procurement or upgrade process, prior to acceptance. HP Fortify on Demand serves as an independent third-party solution to conduct unbiased analysis of applications and provide a detailed tamper-proof report back to the security team.Room for Improvement:You are going to like the new detailed reporting. It can correlate the results from different forms of testing and prioritize them by severity to present the truest representation of application risk.Use of Solution:1 yearDeployment Issues:It was very easy to install and deploy.Stability Issues:No.Scalability Issues:No. Scalable infrastructure allows for fast turnaround times and it has no limitations based on lines of code, megabytes, or anything else.Customer Service:GoodTechnical Support:GoodPrevious Solutions:I currently use other solutions. We gave HP Fortify on Demand a try and we are very happy with the results.Initial Setup:Yes. Very easy.Implementation Team:We tried the free version first and then we acquired the software the product website.ROI:Keep in mind that the calculation for return on investment and, therefore the definition, can be modified to suit the situation. It all depends on what you include as returns and costs. The definition of the term in the broadest sense just attempts to measure the profitability of an investment and, as such, there is no one "right" calculation. But, I have to say the client is very satisfied.Cost and Licensing Advice:Try the free version first.Other Solutions Considered:I am already using other software. We wanted to try it and it works like a charm.Other Advice:Trust me, you want to be able to do automated and manual testing on a web application that is live.Disclaimer: My company has a business relationship with this vendor other than being a customer:Partners
Date published: 2015-07-06
  • y_2017, m_10, d_20, h_19
  • bvseo_bulk, prod_bvrr, vn_bulk_2.0.3
  • cp_1, bvpage1
  • co_hasreviews, tv_0, tr_7
  • loc_en_US, sid_4111077, prod, sort_[SortEntry(order=SUBMISSION_TIME, direction=DESCENDING), SortEntry(order=FEATURED, direction=DESCENDING)]
  • clientName_cdwg
 
Adding to Cart...
10/21/2017 1:12:50 PM
^ Back to Top

Maximum 300 characters
An account manager will email you within one business day to confirm your request.

Your Quote has been submitted

What Happens Next? A confirmation email is on its way. Within one business day, you will be contacted by an Account Manager to finalize your quote.

Error!

Something went wrong.

Please try again later.