# OpenText Static Application Security Testing vs Semgrep Comparison | | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Star Rating** | 4.5 out of 5 | 4.6 out of 5 | | **Total Reviews** | 24 | 55 | | **Largest Market Segment** | Enterprise (47.6% of reviews) | Enterprise (46.3% of reviews) | | **Entry Level Price** | No pricing available | Starting at $40.00 1 contributor Per Month | --- ## Top Pros & Cons ### OpenText Static Application Security Testing Pros: - Easy Integrations (1 reviews) - Integrations (1 reviews) Cons: - False Positives (1 reviews) ### Semgrep Pros: - Ease of Use (16 reviews) - Features (14 reviews) Cons: - Not User-Friendly (7 reviews) - Limited Features (6 reviews) --- ## Ratings Comparison | Rating | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Meets Requirements** | 8.3 (15 reviews) | 8.8 (49 reviews) | | **Ease of Use** | 8.7 (15 reviews) | 9.1 (50 reviews) | | **Ease of Setup** | 8.3 (9 reviews) | 9.4 (37 reviews) | | **Ease of Admin** | 8.1 (9 reviews) | 9.1 (22 reviews) | | **Quality of Support** | 8.7 (15 reviews) | 8.8 (44 reviews) | | **Has the product been a good partner in doing business?** | 8.5 (9 reviews) | 9.6 (22 reviews) | | **Product Direction (% positive)** | 9.1 (13 reviews) | 9.2 (45 reviews) | --- ## Pricing ### OpenText Static Application Security Testing #### Entry-Level Pricing No pricing available #### Free Trial No information available ### Semgrep #### Entry-Level Pricing Plan: Semgrep Code, Supply Chain, and Secrets Detection Price: Starting at $40.00 1 contributor Per Month Description: Extensible AppSec for growing teams. Choose from Code (SAST), Supply Chain (SCA), and Secrets Detection to eliminate noise out of the box, streamline developer workflows, and give security teams full visibility. Key Features: - Choose from SAST, SCA, and Secrets Detection - Pro Rules and cross-file analysis - AI Assistant [Learn more about Semgrep](https://www.g2.com/products/semgrep/reviews) #### Free Trial Yes --- ## Features Comparison By Category ### Static Application Security Testing (SAST) | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | 8.1/10 | 13 | | **Semgrep** | 8.4/10 | 22 | #### Administration | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **API / Integrations** | 8.9 (9 reviews) | 9.0 (18 reviews) | | **Extensibility** | 8.7 (10 reviews) | 8.2 (17 reviews) | #### Analysis | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Reporting and Analytics** | 8.3 (11 reviews) | 8.4 (19 reviews) | | **Issue Tracking** | 8.0 (11 reviews) | 9.2 (22 reviews) | | **Static Code Analysis** | 8.8 (11 reviews) | 9.4 (22 reviews) | | **Code Analysis** | 8.5 (10 reviews) | 9.2 (22 reviews) | #### Testing | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Command-Line Tools** | 8.1 (9 reviews) | 8.7 (20 reviews) | | **Manual Testing** | 6.9 (9 reviews) | Feature Not Available | | **Test Automation** | 8.7 (10 reviews) | Feature Not Available | | **Compliance Testing** | 8.5 (8 reviews) | 7.7 (17 reviews) | | **Black-Box Scanning** | 7.0 (9 reviews) | 7.5 (18 reviews) | | **Detection Rate** | 8.3 (9 reviews) | 8.1 (19 reviews) | | **False Positives** | 6.2 (11 reviews) | 7.3 (21 reviews) | #### Agentic AI - Static Application Security Testing (SAST) | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Autonomous Task Execution** | Not enough data | 7.9 (11 reviews) | ### Dynamic Application Security Testing (DAST) | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | N/A | N/A | | **Semgrep** | N/A | N/A | #### Administration | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **API / Integrations** | Not enough data | Feature Not Available | | **Extensibility** | Not enough data | Feature Not Available | #### Analysis | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Reporting and Analytics** | Not enough data | Not enough data | | **Issue Tracking** | Not enough data | Not enough data | | **Static Code Analysis** | Not enough data | Not enough data | | **Vulnerability Scan** | Not enough data | Not enough data | | **Code Analysis** | Not enough data | Not enough data | #### Testing | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Manual Testing** | Not enough data | Feature Not Available | | **Test Automation** | Not enough data | Feature Not Available | | **Compliance Testing** | Not enough data | Feature Not Available | | **Black-Box Scanning** | Not enough data | Not enough data | | **Detection Rate** | Not enough data | Not enough data | | **False Positives** | Not enough data | Not enough data | ### Vulnerability Scanner | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | N/A | N/A | | **Semgrep** | 8.1/10 | 12 | #### Performance | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Issue Tracking** | Not enough data | 8.2 (12 reviews) | | **Detection Rate** | Not enough data | 8.0 (11 reviews) | | **False Positives** | Not enough data | 8.0 (11 reviews) | | **Automated Scans** | Not enough data | 9.0 (10 reviews) | #### Network | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Compliance Testing** | Not enough data | 8.5 (10 reviews) | | **Perimeter Scanning** | Not enough data | 7.8 (10 reviews) | | **Configuration Monitoring** | Not enough data | 8.0 (10 reviews) | #### Application | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Manual Application Testing** | Not enough data | Feature Not Available | | **Static Code Analysis** | Not enough data | 8.9 (11 reviews) | | **Black Box Testing** | Not enough data | 8.5 (11 reviews) | #### Agentic AI - Vulnerability Scanner | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Autonomous Task Execution** | Not enough data | 6.9 (6 reviews) | | **Proactive Assistance** | Not enough data | 7.5 (6 reviews) | ### Software Composition Analysis | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | N/A | N/A | | **Semgrep** | 8.4/10 | 18 | #### Functionality - Software Composition Analysis | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Language Support** | Not enough data | 8.4 (18 reviews) | | **Integration** | Not enough data | 8.2 (18 reviews) | | **Transparency** | Not enough data | 8.5 (18 reviews) | #### Effectiveness - Software Composition Analysis | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Remediation Suggestions** | Not enough data | 8.5 (18 reviews) | | **Continuous Monitoring** | Not enough data | 8.3 (18 reviews) | | **Thorough Detection** | Not enough data | 8.3 (18 reviews) | ### Secure Code Review | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | N/A | N/A | | **Semgrep** | 8.4/10 | 21 | #### Documentation | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Feedback** | Not enough data | 8.9 (19 reviews) | | **Prioritization** | Not enough data | 9.3 (20 reviews) | | **Remediation Suggestions** | Not enough data | 8.2 (20 reviews) | #### Security | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **False Positives** | Not enough data | 7.4 (21 reviews) | | **Custom Compliance** | Not enough data | 7.9 (17 reviews) | | **Agility** | Not enough data | 8.9 (17 reviews) | ### Static Code Analysis | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | N/A | N/A | | **Semgrep** | 7.7/10 | 10 | #### Agentic AI - Static Code Analysis | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Adaptive Learning** | Not enough data | 7.7 (10 reviews) | | **Natural Language Interaction** | Not enough data | 7.6 (9 reviews) | | **Proactive Assistance** | Not enough data | 7.7 (10 reviews) | ### AI AppSec Assistants | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | N/A | N/A | | **Semgrep** | N/A | N/A | #### Performance - AI AppSec Assistants | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Remediation** | Not enough data | Not enough data | | **Real-time Vulnerability Detection** | Not enough data | Not enough data | | **Accuracy** | Not enough data | Not enough data | #### Integration - AI AppSec Assistants | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Stack Integration** | Not enough data | Not enough data | | **Workflow Integration** | Not enough data | Not enough data | | **Codebase Contextual Awareness** | Not enough data | Not enough data | ### Interactive Application Security Testing (IAST) | Product | Score | Reviews | |---|---|---| | **OpenText Static Application Security Testing** | N/A | N/A | | **Semgrep** | N/A | N/A | #### Agentic AI - Interactive Application Security Testing (IAST) | Feature | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | --- ## Categories **Shared Categories (2):** [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast) **Unique to Semgrep (6):** [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast), [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast) --- ## Reviewer Demographics ### By Company Size | Segment | OpenText Static Application Security Testing | Semgrep | |---|---|---| | **Small-Business** | 28.6% | 11.1% | | **Mid-Market** | 23.8% | 42.6% | | **Enterprise** | 47.6% | 46.3% | ### By Industry #### OpenText Static Application Security Testing - **Financial Services:** 23.8% - **Banking:** 19.0% - **Information Technology and Services:** 14.3% - **Computer Software:** 14.3% - **Computer & Network Security:** 9.5% - **Consulting:** 4.8% - **Hospital & Health Care:** 4.8% - **Higher Education:** 4.8% - **Automotive:** 4.8% #### Semgrep - **Information Technology and Services:** 24.1% - **Computer Software:** 20.4% - **Financial Services:** 16.7% - **Computer & Network Security:** 5.6% - **Semiconductors:** 5.6% - **Manufacturing:** 5.6% - **Insurance:** 3.7% - **International Affairs:** 1.9% - **Information Services:** 1.9% - **Hospital & Health Care:** 1.9% - **Other:** 13.0% --- ## Alternatives ### Alternatives to OpenText Static Application Security Testing - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews) - [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (40 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (894 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (26 reviews) - [Klocwork](https://www.g2.com/products/klocwork/reviews) — 4.4/5 stars (23 reviews) - [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews) ### Alternatives to Semgrep - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (894 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (801 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) - [Replit](https://www.g2.com/products/replit/reviews) — 4.5/5 stars (357 reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (310 reviews) - [GitHub Copilot](https://www.g2.com/products/github-copilot/reviews) — 4.5/5 stars (312 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (302 reviews) --- ## Top Discussions ### OpenText Static Application Security Testing - Title: [What are the main components of Fortify?](https://www.g2.com/discussions/fortify-static-code-analyzer-what-are-the-main-components-of-fortify) — 1 comment > **Top comment:** "Fortify SSC server Fortify scan software for windows or Linux " - Title: [will provide Video training course for this tool?](https://www.g2.com/discussions/49959-will-provide-video-training-course-for-this-tool) — 1 comment, 1 upvote > **Top comment:** "Micro Focus has a comprehensive set of free training tools! Check out this one on SCA..." ### Semgrep No discussions available for this product. --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/opentext-static-application-security-testing-vs-semgrep)