# Invicti (formerly Netsparker), OpenText Core Application Security vs SonarQube Comparison

| | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Star Rating** | 4.6 out of 5 | 4.1 out of 5 | 4.4 out of 5 | 
| **Total Reviews** | 69 | 34 | 141 | 
| **Largest Market Segment** | Enterprise (47.7% of reviews) | Enterprise (41.2% of reviews) | Enterprise (42.0% of reviews) | 
| **Entry Level Price** | No pricing available | No pricing available | Free | 

---
## Top Pros & Cons

### Invicti (formerly Netsparker)

Pros:
- Ease of Use (9 reviews)
- Scanning Technology (7 reviews)

Cons:
- Poor Customer Support (3 reviews)
- Slow Performance (3 reviews)

### OpenText Core Application Security

**Not enough data**

### SonarQube

Pros:
- Code Quality (24 reviews)
- Features (20 reviews)

Cons:
- Software Bugs (12 reviews)
- Complex Configuration (10 reviews)

---
## Ratings Comparison
| Rating | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
  | **Meets Requirements** | 9.1 (59 reviews) | 8.1 (31 reviews) | 8.8 (119 reviews) | 
  | **Ease of Use** | 9.1 (59 reviews) | 8.2 (31 reviews) | 8.5 (122 reviews) | 
  | **Ease of Setup** | 9.0 (49 reviews) | 8.2 (12 reviews) | 8.1 (81 reviews) | 
  | **Ease of Admin** | 9.2 (46 reviews) | 8.9 (12 reviews) | 8.5 (67 reviews) | 
  | **Quality of Support** | 8.9 (59 reviews) | 7.9 (30 reviews) | 8.2 (101 reviews) | 
  | **Has the product been a good partner in doing business?** | 9.6 (44 reviews) | 9.0 (12 reviews) | 8.3 (60 reviews) | 
  | **Product Direction (% positive)** | 10.0 (55 reviews) | 8.8 (30 reviews) | 8.6 (115 reviews) | 

---
## Pricing

### Invicti (formerly Netsparker)

#### Entry-Level Pricing

No pricing available

#### Free Trial

No information available

### OpenText Core Application Security

#### Entry-Level Pricing

No pricing available

#### Free Trial

Yes

### SonarQube

#### Entry-Level Pricing

Plan: Free

Price: Free

Description: For developers wanting to try SonarQube.


Key Features:
- Scan of private projects limited to 50k lines of code
- Users limited to max. 5
- Architecture management

[Browse all 3 editions](https://www.g2.com/products/sonarqube/pricing)

#### Free Trial

Yes

---
## Features Comparison By Category

### Website Security

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | 8.9/10 | 26 |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Administration

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Content Delivery** | 8.7 (18 reviews) | Not enough data | Not enough data | 
| **Dashboard &amp; Reporting** | 9.5 (22 reviews) | Not enough data | Not enough data | 
| **Alerting** | 9.0 (22 reviews) | Not enough data | Not enough data | 

#### Risk Analysis

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Blacklist and Whitelist** | Feature Not Available | Not enough data | Not enough data | 
| **Vulnerability Assessment** | 9.3 (23 reviews) | Not enough data | Not enough data | 
| **Security Auditing** | 9.2 (23 reviews) | Not enough data | Not enough data | 

#### Threat Protection

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Firewall** | 7.9 (13 reviews) | Not enough data | Not enough data | 
| **DDoS Protection** | Feature Not Available | Not enough data | Not enough data | 
| **Malware Detection** | 8.2 (14 reviews) | Not enough data | Not enough data | 
| **Malware Removal** | Feature Not Available | Not enough data | Not enough data | 

#### Generative AI

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **AI Text Summarization** | Feature Not Available | Not enough data | Not enough data | 

### Penetration Testing

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | 8.7/10 | 21 |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Administration

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **API / Integrations** | 8.2 (14 reviews) | Not enough data | Not enough data | 
| **Extensibility** | 8.3 (13 reviews) | Not enough data | Not enough data | 
| **Reporting and Analytics** | 9.1 (18 reviews) | Not enough data | Not enough data | 

#### Analysis

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Issue Tracking** | 8.4 (15 reviews) | Not enough data | Not enough data | 
| **Reconnaissance** | 9.0 (17 reviews) | Not enough data | Not enough data | 
| **Vulnerability Scan** | 9.7 (18 reviews) | Not enough data | Not enough data | 

#### Testing

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Command-Line Tools** | 7.6 (12 reviews) | Not enough data | Not enough data | 
| **Manual Testing** | 8.6 (15 reviews) | Not enough data | Not enough data | 
| **Test Automation** | 9.0 (18 reviews) | Not enough data | Not enough data | 
| **Performance and Reliability** | 9.1 (18 reviews) | Not enough data | Not enough data | 

### Static Application Security Testing (SAST)

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | 7.3/10 | 25 |

#### Administration

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **API / Integrations** | Not enough data | Not enough data | 7.9 (20 reviews) | 
| **Extensibility** | Not enough data | Not enough data | 6.0 (20 reviews) | 

#### Analysis

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Reporting and Analytics** | Not enough data | Not enough data | 7.4 (21 reviews) | 
| **Issue Tracking** | Not enough data | Not enough data | 8.0 (20 reviews) | 
| **Static Code Analysis** | Not enough data | Not enough data | 9.0 (23 reviews) | 
| **Code Analysis** | Not enough data | Not enough data | 9.1 (23 reviews) | 

#### Testing

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Command-Line Tools** | Not enough data | Not enough data | 6.6 (18 reviews) | 
| **Manual Testing** | Not enough data | Not enough data | 5.9 (19 reviews) | 
| **Test Automation** | Not enough data | Not enough data | 6.0 (21 reviews) | 
| **Compliance Testing** | Not enough data | Not enough data | 6.9 (18 reviews) | 
| **Black-Box Scanning** | Not enough data | Not enough data | 6.8 (17 reviews) | 
| **Detection Rate** | Not enough data | Not enough data | 8.2 (21 reviews) | 
| **False Positives** | Not enough data | Not enough data | 6.7 (23 reviews) | 

#### Agentic AI - Static Application Security Testing (SAST)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 

### Dynamic Application Security Testing (DAST)

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | 8.4/10 | 30 |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Administration

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **API / Integrations** | 8.2 (21 reviews) | Not enough data | Not enough data | 
| **Extensibility** | 8.3 (20 reviews) | Not enough data | Not enough data | 

#### Analysis

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Reporting and Analytics** | 9.0 (29 reviews) | Not enough data | Not enough data | 
| **Issue Tracking** | 9.2 (26 reviews) | Not enough data | Not enough data | 
| **Static Code Analysis** | Feature Not Available | Not enough data | Not enough data | 
| **Vulnerability Scan** | 9.4 (29 reviews) | Not enough data | Not enough data | 
| **Code Analysis** | 7.6 (18 reviews) | Not enough data | Not enough data | 

#### Testing

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Manual Testing** | 7.1 (19 reviews) | Not enough data | Not enough data | 
| **Test Automation** | 8.5 (24 reviews) | Not enough data | Not enough data | 
| **Compliance Testing** | 8.4 (23 reviews) | Not enough data | Not enough data | 
| **Black-Box Scanning** | 9.1 (21 reviews) | Not enough data | Not enough data | 
| **Detection Rate** | 8.6 (21 reviews) | Not enough data | Not enough data | 
| **False Positives** | 7.4 (21 reviews) | Not enough data | Not enough data | 

### Vulnerability Scanner

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | 8.6/10 | 20 |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Performance

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Issue Tracking** | 8.6 (18 reviews) ✓ Verified | Not enough data | Not enough data | 
| **Detection Rate** | 9.0 (18 reviews) ✓ Verified | Not enough data | Not enough data | 
| **False Positives** | 7.9 (20 reviews) ✓ Verified | Not enough data | Not enough data | 
| **Automated Scans** | 9.1 (19 reviews) ✓ Verified | Not enough data | Not enough data | 

#### Network

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Compliance Testing** | 8.7 (14 reviews) ✓ Verified | Not enough data | Not enough data | 
| **Perimeter Scanning** | 8.6 (11 reviews) ✓ Verified | Not enough data | Not enough data | 
| **Configuration Monitoring** | 8.3 (11 reviews) ✓ Verified | Not enough data | Not enough data | 

#### Application

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Manual Application Testing** | 8.2 (15 reviews) | Not enough data | Not enough data | 
| **Static Code Analysis** | 8.2 (15 reviews) ✓ Verified | Not enough data | Not enough data | 
| **Black Box Testing** | 9.2 (18 reviews) ✓ Verified | Not enough data | Not enough data | 

#### Agentic AI - Vulnerability Scanner

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 
| **Proactive Assistance** | Not enough data | Not enough data | Not enough data | 

### Software Development Analytics Tools

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | 8.0/10 | 35 |

#### Functionality

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Repository Integration** | Not enough data | Not enough data | 8.1 (32 reviews) | 
| **Analytics and Trends** | Not enough data | Not enough data | 8.5 (31 reviews) | 
| **Productivity Updates** | Not enough data | Not enough data | 8.2 (29 reviews) | 

#### Management

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Historical Data Consolidation** | Not enough data | Not enough data | Feature Not Available | 
| **Data Context** | Not enough data | Not enough data | 7.5 (26 reviews) | 
| **Testing Integration** | Not enough data | Not enough data | 7.9 (29 reviews) | 

### Bug Tracking

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | 8.1/10 | 11 |

#### Bug Reporting

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **User Reports &amp; Feedback** | Not enough data | Not enough data | 7.7 (10 reviews) | 
| **Tester Reports &amp; Feedback** | Not enough data | Not enough data | 8.0 (10 reviews) | 
| **Team Reports &amp; Comments** | Not enough data | Not enough data | 8.3 (10 reviews) | 

#### Bug Monitoring

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Analytics** | Not enough data | Not enough data | 7.8 (10 reviews) | 
| **Bug History** | Not enough data | Not enough data | 8.2 (10 reviews) | 
| **Data Retention** | Not enough data | Not enough data | 8.5 (10 reviews) | 

#### Agentic AI - Bug Tracking

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Adaptive Learning** | Not enough data | Not enough data | Not enough data | 
| **Natural Language Interaction** | Not enough data | Not enough data | Not enough data | 
| **Proactive Assistance** | Not enough data | Not enough data | Not enough data | 

### Software Composition Analysis

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Functionality - Software Composition Analysis 

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Language Support** | Not enough data | Not enough data | Not enough data | 
| **Integration** | Not enough data | Not enough data | Not enough data | 
| **Transparency** | Not enough data | Not enough data | Not enough data | 

#### Effectiveness - Software Composition Analysis

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Remediation Suggestions** | Not enough data | Not enough data | Not enough data | 
| **Continuous Monitoring** | Not enough data | Not enough data | Not enough data | 
| **Thorough Detection** | Not enough data | Not enough data | Not enough data | 

### API Security

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### API Management 

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **API Discovery** | Feature Not Available | Not enough data | Not enough data | 
| **API Monitoring** | Feature Not Available | Not enough data | Not enough data | 
| **Reporting** | Feature Not Available | Not enough data | Not enough data | 
| **Change Management** | Feature Not Available | Not enough data | Not enough data | 

#### Security Testing

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Compliance Monitoring** | Feature Not Available | Not enough data | Not enough data | 
| **API Verification** | Feature Not Available | Not enough data | Not enough data | 
| **API Testing** | Not enough data | Not enough data | Not enough data | 

#### Security Management

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Security and Policy Enforcement** | Not enough data | Not enough data | Not enough data | 
| **Anomoly Detection** | Feature Not Available | Not enough data | Not enough data | 
| **Bot Detection** | Feature Not Available | Not enough data | Not enough data | 

### Secure Code Review

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | 7.5/10 | 45 |

#### Documentation

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Feedback** | Not enough data | Not enough data | 8.0 (42 reviews) | 
| **Prioritization** | Not enough data | Not enough data | 7.6 (37 reviews) | 
| **Remediation Suggestions** | Not enough data | Not enough data | 8.3 (38 reviews) | 

#### Security

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **False Positives** | Not enough data | Not enough data | 6.7 (37 reviews) | 
| **Custom Compliance** | Not enough data | Not enough data | 7.0 (34 reviews) | 
| **Agility** | Not enough data | Not enough data | 7.9 (37 reviews) | 

### Application Security

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Generative AI

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **AI Text Summarization** | Not enough data | Not enough data | Not enough data | 

### Application Security Posture Management (ASPM)

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | 8.5/10 | 7 |

#### Risk management - Application Security Posture Management (ASPM)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Vulnerability Management** | Not enough data | Not enough data | 9.3 (5 reviews) | 
| **Risk Assessment and Prioritization** | Not enough data | Not enough data | Feature Not Available | 
| **Compliance Management** | Not enough data | Not enough data | 9.0 (5 reviews) | 
| **Policy Enforcement** | Not enough data | Not enough data | 8.9 (6 reviews) | 

#### Integration and efficiency - Application Security Posture Management (ASPM)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Integration with Development Tools** | Not enough data | Not enough data | 7.8 (6 reviews) | 
| **Automation and Efficiency** | Not enough data | Not enough data | Feature Not Available | 

#### Reporting and Analytics - Application Security Posture Management (ASPM)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Trend Analysis** | Not enough data | Not enough data | 7.8 (6 reviews) | 
| **Risk Scoring** | Not enough data | Not enough data | Not enough data | 
| **Customizable Dashboards** | Not enough data | Not enough data | 8.3 (5 reviews) | 

#### Agentic AI  - Application Security Posture Management (ASPM)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 
| **Multi-step Planning** | Not enough data | Not enough data | Not enough data | 

### Software Bill of Materials (SBOM)

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Functionality - Software Bill of Materials (SBOM)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Format Support** | Not enough data | Not enough data | Not enough data | 
| **Annotations** | Not enough data | Not enough data | Not enough data | 
| **Attestation** | Not enough data | Not enough data | Not enough data | 

#### Management - Software Bill of Materials (SBOM)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Monitoring** | Not enough data | Not enough data | Not enough data | 
| **Dashboards** | Not enough data | Not enough data | Not enough data | 
| **User Provisioning** | Not enough data | Not enough data | Not enough data | 

### AI Governance Tools

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### AI Compliance

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Regulatory Reporting** | Not enough data | Not enough data | Not enough data | 
| **Automated Compliance** | Not enough data | Not enough data | Not enough data | 
| **Audit Trails** | Not enough data | Not enough data | Feature Not Available | 

#### Risk Management &amp; Monitoring

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **AI Risk Management** | Not enough data | Not enough data | Feature Not Available | 
| **Real-time Monitoring** | Not enough data | Not enough data | Not enough data | 

#### AI Lifecycle Management

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Lifecycle Automation** | Not enough data | Not enough data | Feature Not Available | 

#### Access Control and Security

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Pole-based Access Control (RBAC)** | Not enough data | Not enough data | Not enough data | 

#### Collaboration and Communication 

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Model Sharing and Reuse** | Not enough data | Not enough data | Feature Not Available | 

#### Agentic AI - AI Governance Tools

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 
| **Multi-step Planning** | Not enough data | Not enough data | Not enough data | 
| **Cross-system Integration** | Not enough data | Not enough data | Not enough data | 
| **Adaptive Learning** | Not enough data | Not enough data | Not enough data | 
| **Natural Language Interaction** | Not enough data | Not enough data | Not enough data | 
| **Proactive Assistance** | Not enough data | Not enough data | Feature Not Available | 
| **Decision Making** | Not enough data | Not enough data | Not enough data | 

### Runtime Application Self-Protection (RASP) Tools

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Threat Detection &amp; Response - Runtime Application Self-Protection (RASP)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Threat Remediation** | Not enough data | Not enough data | Not enough data | 
| **Threat Detection** | Not enough data | Not enough data | Not enough data | 
| **Application Behavior Monitoring** | Not enough data | Not enough data | Not enough data | 
| **Intelligence and Reporting** | Not enough data | Not enough data | Not enough data | 

### Static Code Analysis

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | 6.2/10 | 8 |

#### Agentic AI - Static Code Analysis

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Adaptive Learning** | Not enough data | Not enough data | 6.3 (8 reviews) | 
| **Natural Language Interaction** | Not enough data | Not enough data | 5.7 (7 reviews) | 
| **Proactive Assistance** | Not enough data | Not enough data | 6.7 (8 reviews) | 

### AI AppSec Assistants

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Performance - AI AppSec Assistants

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Remediation** | Not enough data | Not enough data | Not enough data | 
| **Real-time Vulnerability Detection** | Not enough data | Not enough data | Not enough data | 
| **Accuracy** | Not enough data | Not enough data | Not enough data | 

#### Integration - AI AppSec Assistants

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Stack Integration** | Not enough data | Not enough data | Not enough data | 
| **Workflow Integration** | Not enough data | Not enough data | Not enough data | 
| **Codebase Contextual Awareness** | Not enough data | Not enough data | Not enough data | 

### Cloud Security

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Cloud Visibility

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Data Discovery** | Not enough data | Not enough data | Not enough data | 
| **Cloud Registry** | Not enough data | Not enough data | Not enough data | 
| **Cloud Gap Analytics** | Not enough data | Not enough data | Not enough data | 

#### Security

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Data Security** | Not enough data | Not enough data | Not enough data | 
| **Data loss Prevention** | Not enough data | Not enough data | Not enough data | 
| **Security Auditing** | Not enough data | Not enough data | Not enough data | 

#### Identity

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **SSO** | Not enough data | Not enough data | Not enough data | 
| **Governance** | Not enough data | Not enough data | Not enough data | 
| **User Analytics** | Not enough data | Not enough data | Not enough data | 

### Interactive Application Security Testing (IAST)

| Product | Score | Reviews |
|---|---|---|
| **Invicti (formerly Netsparker)** | N/A | N/A |
| **OpenText Core Application Security** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Agentic AI - Interactive Application Security Testing (IAST)

| Feature | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 

---
## Categories
**Shared Categories (1):** [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis)

**Unique to Invicti (formerly Netsparker) (9):** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast), [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools), [Website Security Software](https://www.g2.com/categories/website-security), [API Security Tools](https://www.g2.com/categories/api-security), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast), [Application Security Posture Management (ASPM) Software](https://www.g2.com/categories/application-security-posture-management-aspm)

**Unique to OpenText Core Application Security (3):** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast), [Runtime Application Self-Protection (RASP) Tools ](https://www.g2.com/categories/runtime-application-self-protection-rasp-tools)

**Unique to SonarQube (9):** [Application Security Posture Management (ASPM) Software](https://www.g2.com/categories/application-security-posture-management-aspm), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Software Development Analytics Tools](https://www.g2.com/categories/software-development-analytics-tools), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Bug Tracking Software](https://www.g2.com/categories/bug-tracking), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom), [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [ AI Governance Tools](https://www.g2.com/categories/ai-governance-tools)


---
## Reviewer Demographics

### By Company Size

| Segment | Invicti (formerly Netsparker) | OpenText Core Application Security | SonarQube | 
|---|---|---|---|
| **Small-Business** | 23.1% | 32.4% | 18.1% | 
| **Mid-Market** | 29.2% | 26.5% | 39.9% | 
| **Enterprise** | 47.7% | 41.2% | 42.0% | 

### By Industry

#### Invicti (formerly Netsparker)

- **Computer Software:** 12.3%
- **Telecommunications:** 10.8%
- **Financial Services:** 9.2%
- **Information Technology and Services:** 9.2%
- **Computer &amp; Network Security:** 6.2%
- **Internet:** 6.2%
- **Insurance:** 4.6%
- **Automotive:** 3.1%
- **Consumer Goods:** 3.1%
- **Education Management:** 3.1%
- **Other:** 32.3%

#### OpenText Core Application Security

- **Information Technology and Services:** 26.5%
- **Computer &amp; Network Security:** 8.8%
- **Computer Software:** 8.8%
- **Airlines/Aviation:** 5.9%
- **Construction:** 5.9%
- **Banking:** 2.9%
- **Education Management:** 2.9%
- **Financial Services:** 2.9%
- **Health, Wellness and Fitness:** 2.9%
- **Higher Education:** 2.9%
- **Other:** 29.4%

#### SonarQube

- **Information Technology and Services:** 26.7%
- **Computer Software:** 20.7%
- **Financial Services:** 7.4%
- **Banking:** 3.7%
- **Computer &amp; Network Security:** 3.0%
- **Hospital &amp; Health Care:** 3.0%
- **Manufacturing:** 2.2%
- **Automotive:** 2.2%
- **Aviation &amp; Aerospace:** 2.2%
- **Telecommunications:** 2.2%
- **Other:** 26.7%

---
## Alternatives

### Alternatives to Invicti (formerly Netsparker)

- [Intruder](https://www.g2.com/products/intruder/reviews) — 4.8/5 stars (206 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews)
- [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (301 reviews)
- [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews)
- [Burp Suite](https://www.g2.com/products/burp-suite/reviews) — 4.8/5 stars (129 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews)
- [Detectify](https://www.g2.com/products/detectify/reviews) — 4.5/5 stars (51 reviews)
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (793 reviews)
- [Pentest-Tools.com](https://www.g2.com/products/pentest-tools-com/reviews) — 4.8/5 stars (100 reviews)
- [Postman](https://www.g2.com/products/postman/reviews) — 4.6/5 stars (1775 reviews)

### Alternatives to OpenText Core Application Security

- [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (38 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews)
- [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews)
- [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (301 reviews)
- [Burp Suite](https://www.g2.com/products/burp-suite/reviews) — 4.8/5 stars (129 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews)
- [Dynatrace](https://www.g2.com/products/dynatrace/reviews) — 4.5/5 stars (1363 reviews)
- [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews)
- [Gearset DevOps](https://www.g2.com/products/gearset-devops/reviews) — 4.7/5 stars (292 reviews)
- [Acunetix by Invicti](https://www.g2.com/products/acunetix-by-invicti/reviews) — 4.1/5 stars (105 reviews)

### Alternatives to SonarQube

- [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2353 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews)
- [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews)
- [Semgrep](https://www.g2.com/products/semgrep/reviews) — 4.6/5 stars (55 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews)
- [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews)
- [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (38 reviews)
- [Kiuwan Code Security &amp; Insights](https://www.g2.com/products/kiuwan-code-security-insights/reviews) — 4.5/5 stars (34 reviews)
- [Embold](https://www.g2.com/products/embold/reviews) — 4.7/5 stars (18 reviews)

---
## Top Discussions

### Invicti (formerly Netsparker)

- Title: [What is Invicti (formerly Netsparker) used for?](https://www.g2.com/discussions/what-is-invicti-formerly-netsparker-used-for) — 1 comment
  > **Top comment:** "Dynamic application Security Scanning - DAST Scan"
- Title: [What are URL rewrites and URL rewrite rules?](https://www.g2.com/discussions/netsparker-web-application-security-scanner-96cf6c3d-02fc-4405-a800-e28a0f893517) — 1 comment, 1 upvote *(includes official response)*
  > **Top comment:** "Web application developers use URL Rewrite Rules to hide parameters in the URL directory structure and is typically used to make it easier for search engines..."
- Title: [What is the Knowledge base node and what is reported in it?](https://www.g2.com/discussions/netsparker-web-application-security-scanner) — 1 comment, 1 upvote *(includes official response)*
  > **Top comment:** "Netsparker Desktop and Netsparker Cloud are not just web vulnerability scanners that automatically identify vulnerabilities in web applications. They are all..."
- Title: [How Does Netsparker Integrate with Your Existing SDLC?](https://www.g2.com/discussions/netsparker-scanners-faqs-e4a57e60-032c-4486-a798-94cc2b423ed8) — 1 comment, 1 upvote *(includes official response)*
  > **Top comment:** "We developed the TeamCity, Jenkins and Bamboo plugins to help you complete the Netsparker Cloud-assisted SDLC. Using our plugins, users with Administration..."
- Title: [What are the Plans &amp; Editions of Netsparker?](https://www.g2.com/discussions/netsparker-scanners-faqs-7c0a080f-a51b-479a-9fd4-47828171f241) — 1 comment, 1 upvote *(includes official response)*
  > **Top comment:** "The New Netsparker Plans:

Netsparker Standard – this plan includes Netsparker Desktop, which allows you to scan up to 20 websites
Netsparker Team – this..."

### OpenText Core Application Security

No discussions available for this product.

### SonarQube

No discussions available for this product.

---
**Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/invicti-formerly-netsparker-vs-opentext-core-application-security-vs-sonarqube)