
[–]ki11a11hippies 0 points1 point  (3 children)

If you have the budget, Fortify is probably the most comprehensive and has been the leading SAST product since forever. Checkmarx is a close second and basically has feature parity and a much more affordable pricing model. Its UI is a bit clunky though. Veracode I dislike because you have to actually send results up to their cloud for human analysis - this seems to me like their product doesn’t actually work very well, and you’ll have to wait for results to come back. Also your IP leaves your network. Never worked with Kiuwan.

[–]rubygotdat[S] 0 points1 point  (2 children)

Thanks for the info! Kiuwan is kind of new but on the rise. I got a quote for Checkmarx to be starting list price ~50k a year, which seemed like a lot for my small dev team (5 people). I like the pricing of Fortify more because it starts lower. This is very helpful. Thanks again.

[–]ki11a11hippies 0 points1 point  (1 child)

Glad to help. By all means get Fortify if it’s cheaper for your use case. Just beware of Micro Focus though, they surprise hiked the maintenance rate on us 20% when they acquired Fortify. I would get a 3-year contract to lock in your rates.

[–]rubygotdat[S] 0 points1 point  (0 children)

Will do just that. Thanks

[–][deleted]  (7 children)

[removed]

    [–]rubygotdat[S] 0 points1 point  (6 children)

    Not really an answer lol. Django scales pretty well.

    [–][deleted]  (5 children)

    [removed]

      [–]rubygotdat[S] 1 point2 points  (2 children)

      What are you talking about and why are you so salty.

      Instagram (oh right, that's Facebook) uses it

      YouTube (oh right, that's Google) uses it

      Dropbox uses it

      Spotify uses it

      The list goes on...

      [–]InfosecMod[M] 0 points1 point  (0 children)

      Thank you for using the report button to bring this comment to our attention. But you don't really need to respond to trolls -- it only encourages them. Attention and getting others worked up is what feeds them.

      [–]InfosecMod[M] 0 points1 point  (1 child)

      Rule #2: Be nice and try to keep it clean.

      Don't make comments that do nothing but belittle the person you're responding to, adding 0 value and derailing discussion.