# OpenText Core Application Security, OpenText Static Application Security Testing vs SonarQube Comparison

| | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Star Rating** | 4.1 out of 5 | 4.5 out of 5 | 4.4 out of 5 | 
| **Total Reviews** | 34 | 24 | 141 | 
| **Largest Market Segment** | Enterprise (41.2% of reviews) | Enterprise (47.6% of reviews) | Enterprise (42.0% of reviews) | 
| **Entry Level Price** | No pricing available | No pricing available | Free | 

---
## Top Pros & Cons

### OpenText Core Application Security

**Not enough data**

### OpenText Static Application Security Testing

Pros:
- Easy Integrations (1 reviews)
- Integrations (1 reviews)

Cons:
- False Positives (1 reviews)

### SonarQube

Pros:
- Code Quality (24 reviews)
- Features (20 reviews)

Cons:
- Software Bugs (12 reviews)
- Complex Configuration (10 reviews)

---
## Ratings Comparison
| Rating | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
  | **Meets Requirements** | 8.1 (31 reviews) | 8.3 (15 reviews) | 8.8 (119 reviews) | 
  | **Ease of Use** | 8.2 (31 reviews) | 8.7 (15 reviews) | 8.5 (122 reviews) | 
  | **Ease of Setup** | 8.2 (12 reviews) | 8.3 (9 reviews) | 8.1 (81 reviews) | 
  | **Ease of Admin** | 8.9 (12 reviews) | 8.1 (9 reviews) | 8.5 (67 reviews) | 
  | **Quality of Support** | 7.9 (30 reviews) | 8.7 (15 reviews) | 8.2 (101 reviews) | 
  | **Has the product been a good partner in doing business?** | 9.0 (12 reviews) | 8.5 (9 reviews) | 8.3 (60 reviews) | 
  | **Product Direction (% positive)** | 8.8 (30 reviews) | 9.1 (13 reviews) | 8.6 (115 reviews) | 

---
## Pricing

### OpenText Core Application Security

#### Entry-Level Pricing

No pricing available

#### Free Trial

Yes

### OpenText Static Application Security Testing

#### Entry-Level Pricing

No pricing available

#### Free Trial

No information available

### SonarQube

#### Entry-Level Pricing

Plan: Free

Price: Free

Description: For developers wanting to try SonarQube.


Key Features:
- Scan of private projects limited to 50k lines of code
- Users limited to max. 5
- Architecture management

[Browse all 3 editions](https://www.g2.com/products/sonarqube/pricing)

#### Free Trial

Yes

---
## Features Comparison By Category

### Static Application Security Testing (SAST)

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | 8.1/10 | 13 |
| **SonarQube** | 7.3/10 | 25 |

#### Administration

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **API / Integrations** | Not enough data | 8.9 (9 reviews) | 7.9 (20 reviews) | 
| **Extensibility** | Not enough data | 8.7 (10 reviews) | 6.0 (20 reviews) | 

#### Analysis

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Reporting and Analytics** | Not enough data | 8.3 (11 reviews) | 7.4 (21 reviews) | 
| **Issue Tracking** | Not enough data | 8.0 (11 reviews) | 8.0 (20 reviews) | 
| **Static Code Analysis** | Not enough data | 8.8 (11 reviews) | 9.0 (23 reviews) | 
| **Code Analysis** | Not enough data | 8.5 (10 reviews) | 9.1 (23 reviews) | 

#### Testing

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Command-Line Tools** | Not enough data | 8.1 (9 reviews) | 6.6 (18 reviews) | 
| **Manual Testing** | Not enough data | 6.9 (9 reviews) | 5.9 (19 reviews) | 
| **Test Automation** | Not enough data | 8.7 (10 reviews) | 6.0 (21 reviews) | 
| **Compliance Testing** | Not enough data | 8.5 (8 reviews) | 6.9 (18 reviews) | 
| **Black-Box Scanning** | Not enough data | 7.0 (9 reviews) | 6.8 (17 reviews) | 
| **Detection Rate** | Not enough data | 8.3 (9 reviews) | 8.2 (21 reviews) | 
| **False Positives** | Not enough data | 6.2 (11 reviews) | 6.7 (23 reviews) | 

#### Agentic AI - Static Application Security Testing (SAST)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 

### Dynamic Application Security Testing (DAST)

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Administration

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **API / Integrations** | Not enough data | Not enough data | Not enough data | 
| **Extensibility** | Not enough data | Not enough data | Not enough data | 

#### Analysis

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Reporting and Analytics** | Not enough data | Not enough data | Not enough data | 
| **Issue Tracking** | Not enough data | Not enough data | Not enough data | 
| **Static Code Analysis** | Not enough data | Not enough data | Not enough data | 
| **Vulnerability Scan** | Not enough data | Not enough data | Not enough data | 
| **Code Analysis** | Not enough data | Not enough data | Not enough data | 

#### Testing

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Manual Testing** | Not enough data | Not enough data | Not enough data | 
| **Test Automation** | Not enough data | Not enough data | Not enough data | 
| **Compliance Testing** | Not enough data | Not enough data | Not enough data | 
| **Black-Box Scanning** | Not enough data | Not enough data | Not enough data | 
| **Detection Rate** | Not enough data | Not enough data | Not enough data | 
| **False Positives** | Not enough data | Not enough data | Not enough data | 

### Software Development Analytics Tools

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | 8.0/10 | 35 |

#### Functionality

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Repository Integration** | Not enough data | Not enough data | 8.1 (32 reviews) | 
| **Analytics and Trends** | Not enough data | Not enough data | 8.5 (31 reviews) | 
| **Productivity Updates** | Not enough data | Not enough data | 8.2 (29 reviews) | 

#### Management

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Historical Data Consolidation** | Not enough data | Not enough data | Feature Not Available | 
| **Data Context** | Not enough data | Not enough data | 7.5 (26 reviews) | 
| **Testing Integration** | Not enough data | Not enough data | 7.9 (29 reviews) | 

### Bug Tracking

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | 8.1/10 | 11 |

#### Bug Reporting

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **User Reports &amp; Feedback** | Not enough data | Not enough data | 7.7 (10 reviews) | 
| **Tester Reports &amp; Feedback** | Not enough data | Not enough data | 8.0 (10 reviews) | 
| **Team Reports &amp; Comments** | Not enough data | Not enough data | 8.3 (10 reviews) | 

#### Bug Monitoring

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Analytics** | Not enough data | Not enough data | 7.8 (10 reviews) | 
| **Bug History** | Not enough data | Not enough data | 8.2 (10 reviews) | 
| **Data Retention** | Not enough data | Not enough data | 8.5 (10 reviews) | 

#### Agentic AI - Bug Tracking

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Adaptive Learning** | Not enough data | Not enough data | Not enough data | 
| **Natural Language Interaction** | Not enough data | Not enough data | Not enough data | 
| **Proactive Assistance** | Not enough data | Not enough data | Not enough data | 

### Software Composition Analysis

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Functionality - Software Composition Analysis 

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Language Support** | Not enough data | Not enough data | Not enough data | 
| **Integration** | Not enough data | Not enough data | Not enough data | 
| **Transparency** | Not enough data | Not enough data | Not enough data | 

#### Effectiveness - Software Composition Analysis

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Remediation Suggestions** | Not enough data | Not enough data | Not enough data | 
| **Continuous Monitoring** | Not enough data | Not enough data | Not enough data | 
| **Thorough Detection** | Not enough data | Not enough data | Not enough data | 

### Secure Code Review

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | 7.5/10 | 45 |

#### Documentation

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Feedback** | Not enough data | Not enough data | 8.0 (42 reviews) | 
| **Prioritization** | Not enough data | Not enough data | 7.6 (37 reviews) | 
| **Remediation Suggestions** | Not enough data | Not enough data | 8.3 (38 reviews) | 

#### Security

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **False Positives** | Not enough data | Not enough data | 6.7 (37 reviews) | 
| **Custom Compliance** | Not enough data | Not enough data | 7.0 (34 reviews) | 
| **Agility** | Not enough data | Not enough data | 7.9 (37 reviews) | 

### Application Security

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Generative AI

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **AI Text Summarization** | Not enough data | Not enough data | Not enough data | 

### Application Security Posture Management (ASPM)

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | 8.5/10 | 7 |

#### Risk management - Application Security Posture Management (ASPM)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Vulnerability Management** | Not enough data | Not enough data | 9.3 (5 reviews) | 
| **Risk Assessment and Prioritization** | Not enough data | Not enough data | Feature Not Available | 
| **Compliance Management** | Not enough data | Not enough data | 9.0 (5 reviews) | 
| **Policy Enforcement** | Not enough data | Not enough data | 8.9 (6 reviews) | 

#### Integration and efficiency - Application Security Posture Management (ASPM)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Integration with Development Tools** | Not enough data | Not enough data | 7.8 (6 reviews) | 
| **Automation and Efficiency** | Not enough data | Not enough data | Feature Not Available | 

#### Reporting and Analytics - Application Security Posture Management (ASPM)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Trend Analysis** | Not enough data | Not enough data | 7.8 (6 reviews) | 
| **Risk Scoring** | Not enough data | Not enough data | Not enough data | 
| **Customizable Dashboards** | Not enough data | Not enough data | 8.3 (5 reviews) | 

#### Agentic AI  - Application Security Posture Management (ASPM)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 
| **Multi-step Planning** | Not enough data | Not enough data | Not enough data | 

### Software Bill of Materials (SBOM)

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Functionality - Software Bill of Materials (SBOM)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Format Support** | Not enough data | Not enough data | Not enough data | 
| **Annotations** | Not enough data | Not enough data | Not enough data | 
| **Attestation** | Not enough data | Not enough data | Not enough data | 

#### Management - Software Bill of Materials (SBOM)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Monitoring** | Not enough data | Not enough data | Not enough data | 
| **Dashboards** | Not enough data | Not enough data | Not enough data | 
| **User Provisioning** | Not enough data | Not enough data | Not enough data | 

### AI Governance Tools

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### AI Compliance

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Regulatory Reporting** | Not enough data | Not enough data | Not enough data | 
| **Automated Compliance** | Not enough data | Not enough data | Not enough data | 
| **Audit Trails** | Not enough data | Not enough data | Feature Not Available | 

#### Risk Management &amp; Monitoring

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **AI Risk Management** | Not enough data | Not enough data | Feature Not Available | 
| **Real-time Monitoring** | Not enough data | Not enough data | Not enough data | 

#### AI Lifecycle Management

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Lifecycle Automation** | Not enough data | Not enough data | Feature Not Available | 

#### Access Control and Security

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Pole-based Access Control (RBAC)** | Not enough data | Not enough data | Not enough data | 

#### Collaboration and Communication 

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Model Sharing and Reuse** | Not enough data | Not enough data | Feature Not Available | 

#### Agentic AI - AI Governance Tools

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 
| **Multi-step Planning** | Not enough data | Not enough data | Not enough data | 
| **Cross-system Integration** | Not enough data | Not enough data | Not enough data | 
| **Adaptive Learning** | Not enough data | Not enough data | Not enough data | 
| **Natural Language Interaction** | Not enough data | Not enough data | Not enough data | 
| **Proactive Assistance** | Not enough data | Not enough data | Feature Not Available | 
| **Decision Making** | Not enough data | Not enough data | Not enough data | 

### Runtime Application Self-Protection (RASP) Tools

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Threat Detection &amp; Response - Runtime Application Self-Protection (RASP)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Threat Remediation** | Not enough data | Not enough data | Not enough data | 
| **Threat Detection** | Not enough data | Not enough data | Not enough data | 
| **Application Behavior Monitoring** | Not enough data | Not enough data | Not enough data | 
| **Intelligence and Reporting** | Not enough data | Not enough data | Not enough data | 

### Static Code Analysis

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | 6.2/10 | 8 |

#### Agentic AI - Static Code Analysis

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Adaptive Learning** | Not enough data | Not enough data | 6.3 (8 reviews) | 
| **Natural Language Interaction** | Not enough data | Not enough data | 5.7 (7 reviews) | 
| **Proactive Assistance** | Not enough data | Not enough data | 6.7 (8 reviews) | 

### AI AppSec Assistants

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Performance - AI AppSec Assistants

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Remediation** | Not enough data | Not enough data | Not enough data | 
| **Real-time Vulnerability Detection** | Not enough data | Not enough data | Not enough data | 
| **Accuracy** | Not enough data | Not enough data | Not enough data | 

#### Integration - AI AppSec Assistants

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Stack Integration** | Not enough data | Not enough data | Not enough data | 
| **Workflow Integration** | Not enough data | Not enough data | Not enough data | 
| **Codebase Contextual Awareness** | Not enough data | Not enough data | Not enough data | 

### Cloud Security

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Cloud Visibility

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Data Discovery** | Not enough data | Not enough data | Not enough data | 
| **Cloud Registry** | Not enough data | Not enough data | Not enough data | 
| **Cloud Gap Analytics** | Not enough data | Not enough data | Not enough data | 

#### Security

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Data Security** | Not enough data | Not enough data | Not enough data | 
| **Data loss Prevention** | Not enough data | Not enough data | Not enough data | 
| **Security Auditing** | Not enough data | Not enough data | Not enough data | 

#### Identity

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **SSO** | Not enough data | Not enough data | Not enough data | 
| **Governance** | Not enough data | Not enough data | Not enough data | 
| **User Analytics** | Not enough data | Not enough data | Not enough data | 

### Interactive Application Security Testing (IAST)

| Product | Score | Reviews |
|---|---|---|
| **OpenText Core Application Security** | N/A | N/A |
| **OpenText Static Application Security Testing** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Agentic AI - Interactive Application Security Testing (IAST)

| Feature | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | 

---
## Categories
**Shared Categories (1):** [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis)

**Unique to OpenText Core Application Security (3):** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast), [Runtime Application Self-Protection (RASP) Tools ](https://www.g2.com/categories/runtime-application-self-protection-rasp-tools)

**Unique to OpenText Static Application Security Testing (1):** [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast)

**Unique to SonarQube (9):** [Application Security Posture Management (ASPM) Software](https://www.g2.com/categories/application-security-posture-management-aspm), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Software Development Analytics Tools](https://www.g2.com/categories/software-development-analytics-tools), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Bug Tracking Software](https://www.g2.com/categories/bug-tracking), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom), [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [ AI Governance Tools](https://www.g2.com/categories/ai-governance-tools)


---
## Reviewer Demographics

### By Company Size

| Segment | OpenText Core Application Security | OpenText Static Application Security Testing | SonarQube | 
|---|---|---|---|
| **Small-Business** | 32.4% | 28.6% | 18.1% | 
| **Mid-Market** | 26.5% | 23.8% | 39.9% | 
| **Enterprise** | 41.2% | 47.6% | 42.0% | 

### By Industry

#### OpenText Core Application Security

- **Information Technology and Services:** 26.5%
- **Computer &amp; Network Security:** 8.8%
- **Computer Software:** 8.8%
- **Airlines/Aviation:** 5.9%
- **Construction:** 5.9%
- **Banking:** 2.9%
- **Education Management:** 2.9%
- **Financial Services:** 2.9%
- **Health, Wellness and Fitness:** 2.9%
- **Higher Education:** 2.9%
- **Other:** 29.4%

#### OpenText Static Application Security Testing

- **Financial Services:** 23.8%
- **Banking:** 19.0%
- **Information Technology and Services:** 14.3%
- **Computer Software:** 14.3%
- **Computer &amp; Network Security:** 9.5%
- **Consulting:** 4.8%
- **Hospital &amp; Health Care:** 4.8%
- **Higher Education:** 4.8%
- **Automotive:** 4.8%

#### SonarQube

- **Information Technology and Services:** 26.7%
- **Computer Software:** 20.7%
- **Financial Services:** 7.4%
- **Banking:** 3.7%
- **Computer &amp; Network Security:** 3.0%
- **Hospital &amp; Health Care:** 3.0%
- **Manufacturing:** 2.2%
- **Automotive:** 2.2%
- **Aviation &amp; Aerospace:** 2.2%
- **Telecommunications:** 2.2%
- **Other:** 26.7%

---
## Alternatives

### Alternatives to OpenText Core Application Security

- [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (38 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews)
- [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews)
- [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (301 reviews)
- [Burp Suite](https://www.g2.com/products/burp-suite/reviews) — 4.8/5 stars (129 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews)
- [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) — 4.6/5 stars (69 reviews)
- [Dynatrace](https://www.g2.com/products/dynatrace/reviews) — 4.5/5 stars (1363 reviews)
- [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews)
- [Gearset DevOps](https://www.g2.com/products/gearset-devops/reviews) — 4.7/5 stars (292 reviews)

### Alternatives to OpenText Static Application Security Testing

- [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews)
- [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (38 reviews)
- [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2353 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews)
- [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews)
- [Semgrep](https://www.g2.com/products/semgrep/reviews) — 4.6/5 stars (55 reviews)
- [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews)
- [Klocwork](https://www.g2.com/products/klocwork/reviews) — 4.4/5 stars (23 reviews)
- [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews)

### Alternatives to SonarQube

- [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2353 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews)
- [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews)
- [Semgrep](https://www.g2.com/products/semgrep/reviews) — 4.6/5 stars (55 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews)
- [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews)
- [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (38 reviews)
- [Kiuwan Code Security &amp; Insights](https://www.g2.com/products/kiuwan-code-security-insights/reviews) — 4.5/5 stars (34 reviews)
- [Embold](https://www.g2.com/products/embold/reviews) — 4.7/5 stars (18 reviews)

---
## Top Discussions

### OpenText Core Application Security

No discussions available for this product.

### OpenText Static Application Security Testing

- Title: [What are the main components of Fortify?](https://www.g2.com/discussions/fortify-static-code-analyzer-what-are-the-main-components-of-fortify) — 1 comment
  > **Top comment:** "Fortify SSC server 
Fortify scan software for windows or Linux "
- Title: [will provide Video training course for this tool?](https://www.g2.com/discussions/49959-will-provide-video-training-course-for-this-tool) — 1 comment, 1 upvote
  > **Top comment:** "Micro Focus has a comprehensive set of free training tools! Check out this one on SCA..."

### SonarQube

No discussions available for this product.

---
**Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/opentext-core-application-security-vs-opentext-static-application-security-testing-vs-sonarqube)