Review: 5 application security testing tools compared

Users weigh in on favorite features, room for improvement


Application security is arguably the biggest cyber threat, responsible for 90 percent of security incidents, according to the Department of Homeland Security. Yet it suffers from not-my-job syndrome, or, as SANS put it in its 2015 State of Application Security report, "Many information security engineers don’t understand software development — and most software developers don’t understand security."

Stepping into that gap are application security testing tools. Scads of them, in fact. (Gartner's 2015 Magic Quadrant for application security testing showed a handful of leaders, followed by a pack of challengers and niche players.)

For this profile, we chose the top 5 vendors and tools as measured by the number of product reviews, ratings, and comparisons from the IT Central Station community.

Ready to find out what enterprise users really think about HP Fortify on Demand, QualysGuard Web Application Scanning, Checkmarx, WhiteHat Sentinel, and SonarQube? Buckle up. Here, in their own words, is what users say are the standout features (and greatest shortcomings) of each of these products.
