Loading product reviews...
4.0 out of 5.0 (2 ratings)

Reviews Distribution

5 Stars
4 Stars
3 Stars
2 Stars
1 Star
We don't have any qualitative reviews for this vendor yet


View other vendors in this market
We have aggregated ratings data on Cigital but all of our reviewers have opted out of sharing their qualitative review feedback. In certain cases we allow reviewers to withhold their qualitative review feedback from public view, in order to protect their confidentiality.
  • 4 out of 5.0, Reviewed

    Product(s): SecureAssist

    Write and educate on secure coding

    Overall Comment

    The account manage was very helpful with the implementation. Tool helps the organization become write more secure code.

    What one piece of advice would you give other prospective customers?

    Identify an internal implementation strategy: who, why, and why

    What do you like most about the product or service?

    lightweight and easy to use

    What do you dislike most about the product?

    wish it supported more than just Java and .Net

    What one thing do you wish the vendor did differently?

    Nothing

    If you could start over, what would your organization do differently?

    Identify who needs all the licenses.

    Service & support - overall comment

    overall a good experience


  • 4 out of 5.0, Reviewed

    Product(s): Automated Ethical Hacking, Manual Ethical Hacking

    Good application security penetration testing services, on par with the marketplace.

    Overall Comment

    Overall, the quality of the review themselves in terms of findings were on par with WhiteHat and my internal staff. The portal is very clunky (I prefer WhiteHat), but Cigital is supposedly working out the kinks.

    What one piece of advice would you give other prospective customers?

    Have Cigital walk you through the portal and its idiosyncrasies. Thoroughly pilot it with your internal security team and one guinea pig team before you take it live (oddities in the portal and inconsistencies in the report readouts will require explanation and tuning from Cigital).

    What do you like most about the product or service?

    Once it is running, it is fairly quick to get results.

    What do you dislike most about the product?

    The portal has a horrible interface and incomplete use cases.

    What one thing do you wish the vendor did differently?

    It would be nice if there were more flexibility in moving slots around. If a customer wants to create parallel streams of work, include the flexibility to do that and "use up" assessment slots earlier.

    If you could start over, what would your organization do differently?

    Nothing, really. Just make sure you have a good queue of applications ready to go, so you can leverage the investment.

    Integration & Deployment - Overall comment

    Easy to get access to the portal, and they were flexible in getting their consultants set up with the internal scanning requirements.


Ratings Overview

1 2 3 4 5
Section
1

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(2)
5.0

Ability to understand your organization's needs

(2)
4.0

Timely and complete response to product questions

(2)
4.5

Pricing and contract flexibility (pricing and terms)

(2)
4.0
1 2 3 4 5
Section
1

Integration & Deployment

Overall rating of integration and deployment

(2)
4.5

How long did your deployment take?

0 - 3 months (<3)


Ease of integration using standard APIs and tools

(1)
2.0

Quality and availability of end-user training

(2)
3.0

Ease of deployment

(2)
4.5
1 2 3 4 5
Section
1

Service & Support

Overall rating of service and support

(2)
4.5

Did you purchase a support package from the vendor?

No


Timeliness of vendor's response

(1)
5.0

Quality of technical support

(1)
4.0
Section
1

Product Capabilities

Overall rating of product capabilities

(2)
4.0

Dynamic AST as a Tool

(1)
4.0

Dynamic AST as a Service

(2)
3.5

Static AST as a Tool

(1)
4.0

Static AST as a Service

(2)
4.0

Stand-Alone AST

(1)
5.0
Section
1

Additional Context

What was the nature of your involvement?

Executive Sponsor

Application Lead

Rollout and Install

Technical Assessment

Vendor Management

Vendor/Product Selection


What other vendors were considered?

Synopsys

The Open Web Application Security Project (OWASP)

Veracode

WhiteHat Security


Why did you purchase this product?

Create internal/operational efficiencies

Cost management

Improve business process agility

Improve compliance & risk management

Improve customer relations/service

Reduce time to market


What were the key factors that drove your decision?

Strong services expertise

Overall cost

Pre-existing relationships

Strong consulting partnership


In which region(s) did your deployment take place?

North America