Introducing G2.ai, the future of software buying.Try now
Compare OpenText Core Application Security and SonarQube 
Featured Products
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Endor Labs
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Aikido Security
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
CAST Highlight
Visit Website
At a Glance
Market Segments
Enterprise (41.2% of reviews)
Enterprise (41.9% of reviews)
Entry-Level Pricing
No pricing available
Free
OpenText Core Application Security
Star Rating
(34)4.1 out of 5
Market Segments
Enterprise (41.2% of reviews)
Pros & Cons
Not enough data
Entry-Level Pricing
No pricing available
Learn more about OpenText Core Application SecuritySonarQube
Star Rating
(125)4.5 out of 5
Market Segments
Enterprise (41.9% of reviews)
Pros & Cons
Entry-Level Pricing
Free
Browse all 5 pricing plansSummary
AI Generated Summary
AI-generated. Powered by real user reviews.
- Users report that SonarQube Server excels in Static Code Analysis with a score of 9.0, which reviewers mention provides comprehensive insights into code quality and potential vulnerabilities, making it a preferred choice for developers focused on maintaining high code standards.
- Reviewers mention that OpenText Fortify On Demand shines in Detection Rate, scoring 8.5, which users say is crucial for identifying security vulnerabilities effectively, thus enhancing the overall security posture of applications.
- G2 users highlight that SonarQube Server's Documentation is particularly strong, with a feedback score of 7.7, allowing teams to easily understand and implement best practices, while users on G2 note that OpenText Fortify On Demand's documentation could be more user-friendly.
- Users say that SonarQube Server's Ease of Setup is rated at 7.8, which reviewers mention can be a bit challenging for new users, whereas OpenText Fortify On Demand scores higher at 8.2, indicating a smoother onboarding experience.
- Reviewers mention that SonarQube Server's API / Integrations score of 7.7 is beneficial for teams looking to integrate with existing tools, while users report that OpenText Fortify On Demand's extensibility is rated lower at 6.3, suggesting limitations in customization options.
- Users on G2 report that OpenText Fortify On Demand has a higher score in Quality of Support at 8.0, with reviewers mentioning responsive customer service, while SonarQube Server matches this score but lacks the same level of personalized support experience.
Pricing
Entry-Level Pricing
OpenText Core Application Security
No pricing availableSonarQube
Community Edition
Free
Explore: https://www.sonarsource.com/plans-and-pricing/
- Free
- Popular & classic languages support
- Integration with DevOps platforms
Free Trial
OpenText Core Application Security
Free Trial is available
SonarQube
Free Trial is available
Ratings
Meets Requirements
8.1
31
8.8
108
Ease of Use
8.2
31
8.5
111
Ease of Setup
8.2
12
8.1
70
Ease of Admin
8.9
12
8.5
63
Quality of Support
7.9
30
8.2
91
Has the product been a good partner in doing business?
9.0
12
8.4
57
Product Direction (% positive)
8.8
30
8.6
105
Features by Category
Administration
Not enough data
7.8
19
Not enough data
6.0
20
Analysis
Not enough data
7.4
21
Not enough data
8.0
20
Not enough data
8.9
22
Not enough data
9.0
22
Testing
Not enough data
6.6
18
Not enough data
5.9
19
Not enough data
6.0
21
Not enough data
6.9
18
Not enough data
6.8
17
Not enough data
8.2
21
Not enough data
6.9
21
Agentic AI - Static Application Security Testing (SAST)
Not enough data
Not enough data
Dynamic Application Security Testing (DAST)Hide 13 FeaturesShow 13 Features
Not enough data
Not enough data
Administration
Not enough data
Not enough data
Not enough data
Not enough data
Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Testing
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality
Not enough data
8.1
31
Not enough data
8.4
30
Not enough data
8.2
29
Management
Not enough data
7.7
27
Not enough data
7.5
25
Not enough data
7.8
27
Bug Reporting
Not enough data
7.7
10
Not enough data
8.0
10
Not enough data
8.3
10
Bug Monitoring
Not enough data
7.8
10
Not enough data
8.2
10
Not enough data
8.5
10
Agentic AI - Bug Tracking
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Effectiveness - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Documentation
Not enough data
7.7
35
Not enough data
7.6
35
Not enough data
8.2
36
Security
Not enough data
6.9
33
Not enough data
7.0
32
Not enough data
7.9
33
Generative AI
Not enough data
Not enough data
Risk management - Application Security Posture Management (ASPM)
Not enough data
9.3
5
Not enough data
8.7
5
Not enough data
9.0
5
Not enough data
8.9
6
Integration and efficiency - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
8.6
6
Reporting and Analytics - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
Not enough data
Not enough data
8.3
5
Agentic AI - Application Security Posture Management (ASPM)
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Management - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
AI Compliance
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Risk Management & Monitoring
Not enough data
Not enough data
Not enough data
Not enough data
AI Lifecycle Management
Not enough data
Not enough data
Access Control and Security
Not enough data
Not enough data
Collaboration and Communication
Not enough data
Not enough data
Agentic AI - AI Governance Tools
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Runtime Application Self-Protection (RASP) ToolsHide 4 FeaturesShow 4 Features
Not enough data
Not enough data
Threat Detection & Response - Runtime Application Self-Protection (RASP)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Agentic AI - Static Code Analysis
Not enough data
6.3
8
Not enough data
5.7
7
Not enough data
6.7
8
Performance - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Integration - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Cloud Visibility
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Security
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Identity
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Interactive Application Security Testing (IAST)Hide 1 FeatureShow 1 Feature
Not enough data
Not enough data
Agentic AI - Interactive Application Security Testing (IAST)
Not enough data
Not enough data
Categories
Categories
Shared Categories
OpenText Core Application Security and SonarQube are categorized as Static Code Analysis
Unique Categories
OpenText Core Application Security is categorized as Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Runtime Application Self-Protection (RASP) Tools
SonarQube is categorized as Application Security Posture Management (ASPM), Secure Code Review, Software Development Analytics Tools, Static Application Security Testing (SAST), Bug Tracking, Software Composition Analysis, Software Bill of Materials (SBOM), AI AppSec Assistants, and AI Governance Tools
Reviews
Reviewers' Company Size
OpenText Core Application Security
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
SonarQube
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Small-Business
(50 or fewer emp.)
Mid-Market
(51-1000 emp.)
Enterprise
(> 1000 emp.)
Reviewers' Industry
Information Technology and Services
26.5%
Computer Software
8.8%
Computer & Network Security
8.8%
Construction
5.9%
Airlines/Aviation
5.9%
Other
44.1%
Information Technology and Services
26.6%
Computer Software
21.8%
Financial Services
6.5%
Hospital & Health Care
3.2%
Computer & Network Security
3.2%
Other
38.7%
Alternatives
Discussions
OpenText Core Application Security has no discussions with answers
SonarQube has no discussions with answers
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
