Introducing G2.ai, the future of software buying.Try now
Compare OpenText Static Application Security Testing and SonarQube 
Featured Products
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Aikido Security
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Endor Labs
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
CAST Highlight
Visit Website
At a Glance
Market Segments
Enterprise (47.6% of reviews)
Enterprise (41.9% of reviews)
Entry-Level Pricing
No pricing available
Free
OpenText Static Application Security Testing
Star Rating
(24)4.5 out of 5
Market Segments
Enterprise (47.6% of reviews)
Entry-Level Pricing
No pricing available
Learn more about OpenText Static Application Security TestingSonarQube
Star Rating
(125)4.5 out of 5
Market Segments
Enterprise (41.9% of reviews)
Entry-Level Pricing
Free
Browse all 5 pricing plansSummary
AI Generated Summary
AI-generated. Powered by real user reviews.
- Users report that "SonarQube Server" excels in "Static Code Analysis" with a score of 9.0, highlighting its ability to provide comprehensive insights into code quality, while "OpenText Fortify Static Code Analyzer" follows closely with a score of 8.7, indicating strong performance but slightly less depth in analysis.
- Reviewers mention that "OpenText Fortify" shines in "Test Automation" with a score of 8.5, making it a preferred choice for teams looking to integrate automated testing into their workflows, whereas "SonarQube Server" scores lower at 6.3, suggesting it may not be as robust in this area.
- G2 users highlight that "OpenText Fortify" offers superior "API / Integrations" with a score of 9.0, allowing for seamless integration with various development tools, while "SonarQube Server" scores 7.7, indicating some limitations in extensibility and integration capabilities.
- Users on G2 report that "SonarQube Server" provides better "Documentation" with a score of 8.2 for "Remediation Suggestions," which helps developers understand how to fix issues, while "OpenText Fortify" scores lower in this area, suggesting that its guidance may not be as clear or comprehensive.
- Reviewers mention that "OpenText Fortify" has a higher score of 8.3 in "Reporting and Analytics," which is crucial for teams needing detailed insights into vulnerabilities and compliance, compared to "SonarQube Server" which scores 7.6, indicating less robust reporting features.
- Users say that "SonarQube Server" is easier to use with a score of 8.3, making it more accessible for teams new to static code analysis, while "OpenText Fortify" scores 8.7, suggesting it may have a steeper learning curve despite its advanced features.
Pricing
Entry-Level Pricing
OpenText Static Application Security Testing
No pricing availableSonarQube
Community Edition
Free
Explore: https://www.sonarsource.com/plans-and-pricing/
- Free
- Popular & classic languages support
- Integration with DevOps platforms
Free Trial
OpenText Static Application Security Testing
No trial information availableSonarQube
Free Trial is available
Ratings
Meets Requirements
8.3
15
8.8
108
Ease of Use
8.7
15
8.5
111
Ease of Setup
8.3
9
8.1
70
Ease of Admin
8.1
9
8.5
63
Quality of Support
8.7
15
8.2
91
Has the product been a good partner in doing business?
8.5
9
8.4
57
Product Direction (% positive)
9.1
13
8.6
105
Features by Category
Administration
8.9
9
7.8
19
8.7
10
6.0
20
Analysis
8.3
11
7.4
21
8.0
11
8.0
20
8.8
11
8.9
22
8.5
10
9.0
22
Testing
8.1
9
6.6
18
6.9
9
5.9
19
8.7
10
6.0
21
8.5
8
6.9
18
7.0
9
6.8
17
8.3
9
8.2
21
6.2
11
6.9
21
Agentic AI - Static Application Security Testing (SAST)
Not enough data
Not enough data
Functionality
Not enough data
8.1
31
Not enough data
8.4
30
Not enough data
8.2
29
Management
Not enough data
7.7
27
Not enough data
7.5
25
Not enough data
7.8
27
Bug Reporting
Not enough data
7.7
10
Not enough data
8.0
10
Not enough data
8.3
10
Bug Monitoring
Not enough data
7.8
10
Not enough data
8.2
10
Not enough data
8.5
10
Agentic AI - Bug Tracking
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Effectiveness - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Documentation
Not enough data
7.7
35
Not enough data
7.6
35
Not enough data
8.2
36
Security
Not enough data
6.9
33
Not enough data
7.0
32
Not enough data
7.9
33
Risk management - Application Security Posture Management (ASPM)
Not enough data
9.3
5
Not enough data
8.7
5
Not enough data
9.0
5
Not enough data
8.9
6
Integration and efficiency - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
8.6
6
Reporting and Analytics - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
Not enough data
Not enough data
8.3
5
Agentic AI - Application Security Posture Management (ASPM)
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Management - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
AI Compliance
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Risk Management & Monitoring
Not enough data
Not enough data
Not enough data
Not enough data
AI Lifecycle Management
Not enough data
Not enough data
Access Control and Security
Not enough data
Not enough data
Collaboration and Communication
Not enough data
Not enough data
Agentic AI - AI Governance Tools
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Agentic AI - Static Code Analysis
Not enough data
6.3
8
Not enough data
5.7
7
Not enough data
6.7
8
Cloud Visibility
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Security
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Identity
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Categories
Categories
Shared Categories
OpenText Static Application Security Testing and SonarQube are categorized as Static Code Analysis and Static Application Security Testing (SAST)
Unique Categories
OpenText Static Application Security Testing has no unique categories
Reviews
Reviewers' Company Size
OpenText Static Application Security Testing
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
SonarQube
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Small-Business
(50 or fewer emp.)
Mid-Market
(51-1000 emp.)
Enterprise
(> 1000 emp.)
Reviewers' Industry
Financial Services
23.8%
Banking
19.0%
Information Technology and Services
14.3%
Computer Software
14.3%
Computer & Network Security
9.5%
Other
19.0%
Information Technology and Services
26.6%
Computer Software
21.8%
Financial Services
6.5%
Hospital & Health Care
3.2%
Computer & Network Security
3.2%
Other
38.7%
Discussions
will provide Video training course for this tool?
1 Comment
SH
Micro Focus has a comprehensive set of free training tools! Check out this one on SCA...Read more
What are the main components of Fortify?
1 Comment
VC
Fortify SSC server
Fortify scan software for windows or Linux Read more
OpenText Static Application Security Testing has no more discussions with answers
SonarQube has no discussions with answers
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
