2026 Best Software Awards are here!See the list
Compare OpenText Core Application Security and SonarQube 
Featured Products
At a Glance
Market Segments
Enterprise (41.2% of reviews)
Enterprise (42.2% of reviews)
Entry-Level Pricing
No pricing available
Free
OpenText Core Application Security
Star Rating
(34)4.1 out of 5
Market Segments
Enterprise (41.2% of reviews)
Pros & Cons
Not enough data
Entry-Level Pricing
No pricing available
Learn more about OpenText Core Application SecuritySonarQube
Star Rating
(138)4.4 out of 5
Market Segments
Enterprise (42.2% of reviews)
Pros & Cons
Entry-Level Pricing
Free
Free Trial is available
Browse all 6 pricing plansSummary
AI Generated Summary
AI-generated. Powered by real user reviews.
- G2 reviewers report that SonarQube excels in user satisfaction, boasting a significantly higher overall score compared to OpenText Core Application Security. Users appreciate its simple deployment process, particularly highlighting the ease of installation on Kubernetes using YAML formats.
- Users say that SonarQube's integration with GitHub is seamless, allowing developers to conduct scans effortlessly. This feature enhances productivity by enabling teams to receive immediate feedback on code quality and potential errors, which is a standout aspect of the platform.
- Reviewers mention that while OpenText Core Application Security provides a deep level of vulnerability analysis, it falls short in overall user satisfaction compared to SonarQube. Users note that it effectively detects security flaws, but some feel it lacks the intuitive user experience that SonarQube offers.
- According to verified reviews, SonarQube is praised for its ability to provide secure code suggestions, helping developers improve their coding practices. This proactive approach to code quality is a significant advantage for teams looking to enhance their software development lifecycle.
- Users highlight that OpenText Core Application Security allows for efficient error management and open communication, which is beneficial for team collaboration. However, the overall feedback suggests that it does not match the comprehensive features and user-friendly interface of SonarQube.
- G2 reviewers note that while both products serve the enterprise market, SonarQube has a larger user base and more recent reviews, indicating a more active and satisfied community. This is reflected in its higher ratings for support quality and ease of use, making it a more reliable choice for organizations.
Pricing
Entry-Level Pricing
OpenText Core Application Security
No pricing availableSonarQube
Cloud - based: Free
Free
For developers wanting to try SonarQube.
- Scan of private projects limited to 50k lines of code
- Users limited to max. 5
- Architecture management
Free Trial
OpenText Core Application Security
Free Trial is available
SonarQube
Free Trial is available
Ratings
Meets Requirements
8.1
31
8.8
118
Ease of Use
8.2
31
8.5
121
Ease of Setup
8.2
12
8.0
80
Ease of Admin
8.9
12
8.5
67
Quality of Support
7.9
30
8.1
100
Has the product been a good partner in doing business?
9.0
12
8.3
60
Product Direction (% positive)
8.8
30
8.6
115
Features by Category
Administration
Not enough data
7.8
19
Not enough data
6.0
20
Analysis
Not enough data
7.4
21
Not enough data
8.0
20
Not enough data
9.0
23
Not enough data
9.1
23
Testing
Not enough data
6.6
18
Not enough data
5.9
19
Not enough data
6.0
21
Not enough data
6.9
18
Not enough data
6.8
17
Not enough data
8.2
21
Not enough data
6.7
23
Agentic AI - Static Application Security Testing (SAST)
Not enough data
Not enough data
Dynamic Application Security Testing (DAST)Hide 13 FeaturesShow 13 Features
Not enough data
Not enough data
Administration
Not enough data
Not enough data
Not enough data
Not enough data
Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Testing
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality
Not enough data
8.1
31
Not enough data
8.5
31
Not enough data
8.2
29
Management
Not enough data
Feature Not Available
Not enough data
7.5
25
Not enough data
7.9
28
Bug Reporting
Not enough data
7.7
10
Not enough data
8.0
10
Not enough data
8.3
10
Bug Monitoring
Not enough data
7.8
10
Not enough data
8.2
10
Not enough data
8.5
10
Agentic AI - Bug Tracking
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Effectiveness - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Documentation
Not enough data
8.0
42
Not enough data
7.6
37
Not enough data
8.4
39
Security
Not enough data
6.6
38
Not enough data
7.0
34
Not enough data
7.9
37
Generative AI
Not enough data
Not enough data
Risk management - Application Security Posture Management (ASPM)
Not enough data
9.3
5
Not enough data
Feature Not Available
Not enough data
9.0
5
Not enough data
8.9
6
Integration and efficiency - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
Feature Not Available
Reporting and Analytics - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
Not enough data
Not enough data
8.3
5
Agentic AI - Application Security Posture Management (ASPM)
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Management - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
AI Compliance
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Feature Not Available
Risk Management & Monitoring
Not enough data
Feature Not Available
Not enough data
Not enough data
AI Lifecycle Management
Not enough data
Feature Not Available
Access Control and Security
Not enough data
Not enough data
Collaboration and Communication
Not enough data
Feature Not Available
Agentic AI - AI Governance Tools
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Feature Not Available
Not enough data
Not enough data
Runtime Application Self-Protection (RASP) ToolsHide 4 FeaturesShow 4 Features
Not enough data
Not enough data
Threat Detection & Response - Runtime Application Self-Protection (RASP)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Agentic AI - Static Code Analysis
Not enough data
6.3
8
Not enough data
5.7
7
Not enough data
6.7
8
Performance - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Integration - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Cloud Visibility
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Security
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Identity
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Interactive Application Security Testing (IAST)Hide 1 FeatureShow 1 Feature
Not enough data
Not enough data
Agentic AI - Interactive Application Security Testing (IAST)
Not enough data
Not enough data
Categories
Categories
Shared Categories
OpenText Core Application Security and SonarQube are categorized as Static Code Analysis
Unique Categories
OpenText Core Application Security is categorized as Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Runtime Application Self-Protection (RASP) Tools
SonarQube is categorized as Application Security Posture Management (ASPM), Secure Code Review, Software Development Analytics Tools, Static Application Security Testing (SAST), Bug Tracking, Software Composition Analysis, Software Bill of Materials (SBOM), AI AppSec Assistants, and AI Governance Tools
Reviews
Reviewers' Company Size
OpenText Core Application Security
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
SonarQube
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Small-Business
(50 or fewer emp.)
Mid-Market
(51-1000 emp.)
Enterprise
(> 1000 emp.)
Reviewers' Industry
Information Technology and Services
26.5%
Computer Software
8.8%
Computer & Network Security
8.8%
Construction
5.9%
Airlines/Aviation
5.9%
Other
44.1%
Information Technology and Services
26.9%
Computer Software
20.1%
Financial Services
7.5%
Manufacturing
3.0%
Hospital & Health Care
3.0%
Other
39.6%
Alternatives
Discussions
OpenText Core Application Security has no discussions with answers
SonarQube has no discussions with answers
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
