Attribute
|
Essential
|
Advanced
|
Fortify
|
Focus
|
|||
Extras
|
None
|
None
|
|
Employees
|
|||
Reputation
|
Same
|
Maximum of 9.33 based on 177 reviews over 8 years from: G2, Gartner Peer Insights, PeerSpot, Software Advice and TrustRadius.
|
|
Followers
|
Same
|
||
Research Firms
|
None
|
None
|
|
Founded
|
2001 | ||
Funding
|
Bootstrapped
|
Same
|
19M USD in 3 rounds from 2 investors (1 acquisitions)
|
Revenue
|
|||
CVE
|
257 CVEs reported to MITRE, ranked in the top 10 CVE labs worldwide.
|
119 CVEs reported to MITRE (Open Text Corporation)
|
|
Compliance
|
SOC 2 Type II and SOC 3
|
CSA STAR, CMMC, FedRamp, ISO/IEC 9001 and TISAX |
|
Documentation
|
|||
Visits
|
|||
Authority
|
54 out of 100 (Open Text Corporation)
|
||
Distribution
|
Same
|
||
Marketplaces | AWS, Azure and GitHub | ||
Freemium
|
No
|
No
|
No
|
Free trial
|
15-day free trial and PoV
|
||
Demo
|
|||
Pricing
|
|||
Pricing drivers
|
Attribute
|
Essential
|
Advanced
|
Fortify
|
PTaaS
|
No
|
No
|
|
Reverse engineering
|
No
|
Yes | No |
Secure code review
|
No
|
No
|
|
Pivoting
|
No
|
Chains vulnerabilities to reveal new, higher-impact ones.
|
No
|
Exploitation
|
No
|
No
|
|
Zero-day vulnerabilities
|
None
|
Zero-day vulnerability research continuously
|
No
|
SLA
|
Scan time |
||
Accreditations
|
|||
Hacker certifications
|
Not applicable
|
Not applicable
|
|
Type of contract
|
Employee
|
Same
|
|
Standards
|
Some requirements from 65 standards, 18 in common and 47 additional.
|
All requirements from the same standards
|
19 standards, 18 in common and 1 additional.
|
Detection method
|
|||
Remediation
|
5 remediation options, 4 in common and 1 additional.
|
Same, plus 1 remediation option.
|
4 remediation option, all in common.
|
Outputs
|
5 formats, 2 in common and 5 additional.
|
Same, plus 2 formats.
|
5 formats, 2 in common and 3 additional.
|
Attribute
|
Essential |
Advanced
|
Fortify
|
ASPM
|
Yes |
No
|
|
IDE
|
3 functionalities, 1 in common and 2 additional.
|
1 functionality in common.
|
|
CLI
|
|||
CI/CD
|
|||
SCA
|
15 package managers, 8 in common and 7 additional.
|
||
Reachability
|
5 languages, 4 in common and 1 additional.
|
No
|
|
SBOM
|
|||
Containers
|
No |
||
Source SAST (languages)
|
17 languages, all in common.
|
37 languages, 17 in common and 20 additional.
|
|
Source SAST (frameworks)
|
20 frameworks, 3 in common and 17 additional.
|
Same, plus others
|
4 frameworks, 3 in common and 1 additional. |
Binary SAST
|
1 type of binary.
|
Same, plus 2 types of binaries.
|
Yes. No information available
|
DAST
|
5 attack surfaces, all in common.
|
13 attack surfaces, 5 in common and 8 additional. |
|
IAST
|
No
|
No
|
Yes. No information available
|
CSPM
|
Yes |
No
|
|
Secrets
|
15 secrets types, 2 in common and 13 additional.
|
Same, plus verify other attack vectors and secrets exploitability.
|
2 secrets types, all in common.
|
AI
|
3 functions, all in common.
|
3 functions, all in common.
|
|
Fast and automatic
|
|||
Open source
|
Not applicable
|
No
|
|
Deployment
|
|||
Regions | |||
Status
|
|||
Incidents
|
Attribute
|
Essential
|
Advanced
|
Fortify
|
SCM integrations
|
4 integrations, all in common.
|
4 integrations, all in common.
|
|
Binary repositories integrations
|
None
|
None
|
None
|
Ticketing integrations
|
3 integrations, 1 in common and 2 additional.
|
4 integrations, 1 in common and 3 additional. |
|
ChatOps integrations
|
None |
None
|
1 integration. |
IDE integrations
|
4 integrations, 2 in common and 2 additional. |
||
CI/CD integrations
|
26 integrations, 6 in common and 20 additional.
|
6 integrations, all in common.
|
|
SCA integrations
|
Native scanner (included, no integration needed)
|
Native scanner and 5 integrations. |
|
Container integrations
|
Native scanner (included, no integration needed)
|
1 integration. |
|
SAST integrations
|
Native scanner (included, no integration needed)
|
Native scanner (included, no integration needed) |
|
DAST integrations
|
Native scanner (included, no integration needed)
|
Native scanner and 1 integration. |
|
IAST integrations
|
None |
None
|
Native scanner (included, no integration needed)
|
Cloud Integrations
|
4 integrations, 3 in common and 1 additional.
|
||
CSPM integrations
|
Native scanner (included, no integration needed)
|
None | |
Secrets integrations
|
Native scanner (included, no integration needed)
|
Native scanner (included, no integration needed) |
|
Compliance integrations
|
None
|
None
|
None
|