Fortify

Unclaimed

Comprehensive application security testing for identifying and remediating vulnerabilities.

Vulnerability Scanning

Visit Website

FreemiumVisit Website

TL;DR - Fortify

Comprehensive SAST, DAST, and IAST capabilities
Integrates security into the SDLC
Identifies and prioritizes software vulnerabilities

Pricing: Free plan available

Best for: Growing teams

Pros & Cons

Pros

Offers a broad range of AST technologies in one platform
Strong reputation and maturity in the AST market
Provides detailed and actionable vulnerability insights
Good integration capabilities with development tools
Scalable for large organizations and complex applications

Cons

Can be complex to set up and configure
May require significant resources for deployment and management
Can produce a high number of findings, requiring effort to triage

Key Features

Static Application Security Testing (SAST)Dynamic Application Security Testing (DAST)Interactive Application Security Testing (IAST)Software Composition Analysis (SCA)Runtime Application Self-Protection (RASP)Vulnerability correlation and prioritizationIntegration with IDEs and CI/CD pipelinesCustomizable policies and rules

Pricing

Freemium

Fortify offers a generous free tier with optional paid upgrades for advanced features.

View pricing

About Fortify

By Toolradar Team·Updated Feb 24, 2026

Fortify, a Micro Focus product, offers a suite of application security testing (AST) solutions designed to help organizations identify, prioritize, and remediate security vulnerabilities in their software. It encompasses Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) capabilities, providing a holistic view of application security risks throughout the software development lifecycle (SDLC). Fortify is primarily aimed at enterprises and development teams that need to integrate security into their DevOps pipelines. It helps developers write more secure code, security teams enforce policies, and organizations meet compliance requirements by providing detailed vulnerability analysis, remediation guidance, and reporting. Its robust scanning engines and integration capabilities make it suitable for large-scale application portfolios and complex development environments.

How we evaluate tools →Source: microfocus.com

Reviews

No reviews yet. Be the first to review Fortify!

Write a Review

Best Fortify Alternatives

Top alternatives based on features, pricing, and user needs.

VeracodePaid

Application security testing platform

CheckmarxPaid

Application security testing platform

See all Vulnerability Scanning tools →

Explore More

Best Vulnerability Scanning Tools

Fortify FAQ

What is Fortify?

Fortify is a suite of application security testing (AST) tools by Micro Focus that helps organizations find and fix security vulnerabilities in their software. It includes Static, Dynamic, and Interactive Application Security Testing.

How much does Fortify cost?

Fortify is a paid enterprise solution. Specific pricing details are typically provided upon request or through a sales consultation, as it depends on the scope of deployment and features required.

Who is Fortify for?

Fortify is designed for enterprises, development teams, and security professionals who need to secure their software applications throughout the development lifecycle, especially in regulated industries or for large application portfolios.

What are the main features of Fortify?

Key features include Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), Runtime Application Self-Protection (RASP), vulnerability correlation, and integrations with development tools and CI/CD pipelines.

Source: microfocus.com