4 out of 5.0, Reviewed Aug 17, 2016
The account manage was very helpful with the implementation. Tool helps the organization become write more secure code.
Identify an internal implementation strategy: who, why, and why
lightweight and easy to use
wish it supported more than just Java and .Net
Identify who needs all the licenses.
overall a good experience
4 out of 5.0, Reviewed Jun 13, 2016
Overall, the quality of the review themselves in terms of findings were on par with WhiteHat and my internal staff. The portal is very clunky (I prefer WhiteHat), but Cigital is supposedly working out the kinks.
Have Cigital walk you through the portal and its idiosyncrasies. Thoroughly pilot it with your internal security team and one guinea pig team before you take it live (oddities in the portal and inconsistencies in the report readouts will require explanation and tuning from Cigital).
Once it is running, it is fairly quick to get results.
The portal has a horrible interface and incomplete use cases.
It would be nice if there were more flexibility in moving slots around. If a customer wants to create parallel streams of work, include the flexibility to do that and "use up" assessment slots earlier.
Nothing, really. Just make sure you have a good queue of applications ready to go, so you can leverage the investment.
Easy to get access to the portal, and they were flexible in getting their consultants set up with the internal scanning requirements.