Try our new research platform with insights from 80,000+ expert users

OpenText Core Application Security vs Polyspace Code Prover comparison

OpenText and MathWorks are both solutions in the Application Security Tools category. OpenText is ranked #13 with an average rating of 7.3, while MathWorks is ranked #26 with an average rating of 6.5. OpenText holds a 3.2% mindshare in AS, compared to MathWorks’s 1.3% mindshare. Additionally, 90% of OpenText users are willing to recommend the solution, compared to 85% of MathWorks users who would recommend it.
OpenText Core Application S...
Read 64 OpenText Core Application Security reviews
  • 6,712 Views
  • 4,967 Comparison Views
90% willing to recommend
Polyspace Code Prover
Read 7 Polyspace Code Prover reviews
  • 2,475 Views
  • 1,807 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 28, 2025

OpenText Core Application Security and Polyspace Code Prover both compete in the application security domain, focusing on different aspects. Based on features, OpenText has an advantage with its comprehensive application security view, while Polyspace shines in specialized safety-critical and runtime issues.

Features: OpenText Core Application Security includes static and dynamic scanning, real-time updates, and central testing management. It aids in rapid compliance, risk reduction, and integration flexibility. Polyspace Code Prover is designed for functional safety, detecting overflow or division errors through code execution and smoothly integrating into automotive and embedded software environments, critical for safety assurance.

Room for Improvement: OpenText Core Application Security could improve in reporting visuals, reducing false positives, and expanding language support. Challenges also exist in integrating with incident management. Polyspace Code Prover needs enhancements in automation, speed, and scalability, particularly for large systems, and could improve flexibility in runtime analysis and false positive reduction.

Ease of Deployment and Customer Service: OpenText Core Application Security provides flexible deployment options, including both on-premises and cloud solutions. Polyspace mainly focuses on on-premises deployment with limited cloud options, which might restrict flexibility. OpenText's customer service experiences vary, while Polyspace generally offers timely problem resolution.

Pricing and ROI: OpenText Core Application Security is priced on the higher end but offers great security returns and flexible pricing to suit diverse setups. Polyspace Code Prover's cost is justified by its specialized safety-critical capabilities, providing significant value in high-assurance-level industries.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed OpenText Core Application Security vs. Polyspace Code Prover Report (Updated: March 2026).
Buyer's Guide
OpenText Core Application Security vs. Polyspace Code Prover
March 2026
Download the complete report
Helped 884,797 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

OpenText Core Application S...
Ranking in Application Security Tools
13th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
64
Ranking in other categories
Static Application Security Testing (SAST) (12th)
Polyspace Code Prover
Ranking in Application Security Tools
26th
Average Rating
7.2
Reviews Sentiment
2.3
Number of Reviews
7
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of March 2026, in the Application Security Tools category, the mindshare of OpenText Core Application Security is 3.2%, down from 4.5% compared to the previous year. The mindshare of Polyspace Code Prover is 1.3%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
OpenText Core Application Security3.2%
Polyspace Code Prover1.3%
Other95.5%
Application Security Tools
 

Featured Reviews

Himanshu_Tyagi - PeerSpot reviewer
Himanshu_Tyagi
Lead Cybersecurity at TBO
Supports secure development pipelines and improves issue detection but limits internal visibility and needs broader dashboard integration
If you have an internal team and you want your internal team to validate false positives, basically to determine whether it's a valid issue or an invalid issue, then I wouldn't recommend it much. That was the only reason we migrated from Fortify on Demand to another solution. Fortify has another tool which is Fortify WebInspect. On Demand is the outsourcing solution, and WebInspect you can use with your in-house team, which is basically the product developed by the Fortify team. For automated scanning, Fortify helps a lot. Regarding the visibility for the internal team, everyone is moving toward the DevSecOps side, and Fortify team has made good progress that you can integrate into your CICD pipeline. One thing I would highlight is if Fortify can focus more on the centralized dashboard of the tools because nowadays, tools such as SentinelOne also exist for identifying security issues, but they have a centralized dashboard that merges their cloud solution and application security side solution together. If you have one tool that works for different solutions, it helps a lot. They are doing good, but they should invest more on the AI side as well because AI security is evolving these days. On the cloud side, they have already made good progress, but I believe they should explore the new area related to AI security as well.
Read full review
reviewer2760282 - PeerSpot reviewer
reviewer2760282
General Manager at a manufacturing company with 10,001+ employees
Has struggled with performance and integration but supports critical safety verification
Execution speed of the tests and generally the integration into AWS-driven CI work chains or workflows represent how it can be improved in my opinion. Performance issues plus license costs are two main driving factors. The CI environments that we use employ up to around 40,000 virtual CPUs per day in peak, running at the same time. We always have problems distributing licenses accordingly with other products. I can talk to the experts doing the integration, but as far as I know, I was involved with Polyspace Code Prover and we had a lot of difficulties integrating it into our Bazel-driven CI toolchain, plus integrating it on the AWS environments in Linux that we use. It was much more straightforward using Code Sonar there. The reason is the execution speed, integration with Azure and stuff, and pricing. The CI integration and maybe a better-suited license model for CI-driven execution are other areas I recommend improving. That's something we discussed with all of the software companies whose products we use, such as compilers. We have a lot of parallel builds, and each call to a license server is actually problematic in the long run.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The source code analyzer is the most effective for identifying security vulnerabilities."
"Micro Focus WebInspect and Fortify code analysis tools are fully integrated with SSC portals and can instantly register to error tracking systems, like TFS and JIRA."
"Fortify on Demand is a very good service which can be used by any organization when they are building a team because it identifies security vulnerabilities early in the software development life cycle and provides good visibility into issues in cloud-hosted applications."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"The most valuable features are the server, scanning, and it has helped identify issues with the security analysis."
"We have the option to test applications with or without credentials."
"The best features with Fortify on Demand include having analysis for any product based on analysis points."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
More OpenText Core Application Security pros
"Polyspace Code Prover is a very user-friendly tool."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"The product detects memory corruptions."
"Efficiency and speed are the advantages I see in Code Sonar over Polyspace Code Prover."
"The outputs are very reliable."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
 

Cons

"If you have an internal team and you want your internal team to validate false positives, basically to determine whether it's a valid issue or an invalid issue, then I wouldn't recommend it much."
"Reporting could be improved."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"We want a user-based control and role-based access for developers. We want to give limited access to developers so that it only pertains to the code that they write and scanning of the codes for any vulnerabilities as they're progressing with writing the code. As of now, the interface to give restricted access to the developers is not the best. It gives them more access than what is basically required, but we don't want over-provisioning and over-access."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes."
"Micro Focus Fortify on Demand could improve the user interface by making it more user-friendly."
"In terms of what could be improved, we need more strategic analysis reports, not just for one specific application, but for the whole enterprise. In the next release, we need more reports and more analytic views for all the applications. There is no enterprise view in Fortify. I would like enterprise views and reports."
More OpenText Core Application Security cons
"Automation could be a challenge."
"Using Code Prover on large applications crashes sometimes."
"Because we had difficulties in efficiently integrating Polyspace Code Prover into our CI toolchain, these tests are mostly run manually and only occasionally."
"I'd like the data to be taken from any format."
"The tool has some stability issues."
"One of the main disadvantages is the time it takes to initiate the first run."
 

Pricing and Cost Advice

"The licensing was good because the licenses have the heavy centralized server."
"We used the one-time application, Security Scan Dynamic. I believe the original fee was $8,000."
"If I exceed one million lines of code, there might be an extra cost or a change in the pricing bracket."
"There are different costs for Micro Focus Fortify on Demand depending on the assessments you want to use. There is only a standard license needed to use the solution."
"Micro Focus Fortify on Demand licenses are managed by our IT team and the license model is user-based."
"The product's cost depends on the type of license."
"We are still using the trial version at this point but I can already see from the trial version alone that it is a good product. For others, I would say that Fortify on Demand might look expensive at the beginning, but it is very powerful and so you shouldn't be put off by the price."
"Fortify on Demand is affordable, and its licensing comes with a year of support."
More OpenText Core Application Security pricing and cost advice
"We use the paid version."
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
884,797 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Manufacturing Company
14%
Government
8%
Computer Software Company
7%
Manufacturing Company
37%
Computer Software Company
8%
Aerospace/Defense Firm
6%
Healthcare Company
4%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise8
Large Enterprise45
By reviewers
Company SizeCount
Midsize Enterprise1
Large Enterprise6
 

Questions from the Community

What do you like most about Micro Focus Fortify on Demand?
It helps deploy and track changes easily as per time-to-time market upgrades.
See all answers
What is your experience regarding pricing and costs for Micro Focus Fortify on Demand?
In comparison with other tools, they're competitive. It is not more expensive than other solutions, but their pricing is competitive. The licenses for Fortify On Demand are generally bought in unit...
See all answers
What needs improvement with Micro Focus Fortify on Demand?
If you have an internal team and you want your internal team to validate false positives, basically to determine whether it's a valid issue or an invalid issue, then I wouldn't recommend it much. T...
See all answers
What needs improvement with Polyspace Code Prover?
Execution speed of the tests and generally the integration into AWS-driven CI work chains or workflows represent how it can be improved in my opinion. Performance issues plus license costs are two ...
See all answers
What is your primary use case for Polyspace Code Prover?
It is validation for Functional Safety applications in automotive.
See all answers
What advice do you have for others considering Polyspace Code Prover?
We are actually trying to consolidate everything into one solution. To reduce, that might also be a new solution, but we're not currently actively looking for that. It's just that we'd prefer to fi...
See all answers
 

Comparisons

SonarQube vs OpenText Core Application Security Logo
SonarQube vs OpenText Core Application Security
Compared 20% of the time
Checkmarx One vs OpenText Core Application Security Logo
Checkmarx One vs OpenText Core Application Security
Compared 10% of the time
Veracode vs OpenText Core Application Security Logo
Veracode vs OpenText Core Application Security
Compared 5% of the time
Coverity Static vs OpenText Core Application Security Logo
Coverity Static vs OpenText Core Application Security
Compared 5% of the time
More OpenText Core Application Security Competitors
Coverity Static vs Polyspace Code Prover Logo
Coverity Static vs Polyspace Code Prover
Compared 19% of the time
SonarQube vs Polyspace Code Prover Logo
SonarQube vs Polyspace Code Prover
Compared 14% of the time
Klocwork vs Polyspace Code Prover Logo
Klocwork vs Polyspace Code Prover
Compared 11% of the time
CodeSonar vs Polyspace Code Prover Logo
CodeSonar vs Polyspace Code Prover
Compared 7% of the time
Veracode vs Polyspace Code Prover Logo
Veracode vs Polyspace Code Prover
Compared 5% of the time
More Polyspace Code Prover Competitors
 

Product Reports

Buyer's Guide
OpenText Core Application Security
March 2026
OpenText Core Application Security reportDownload OpenText Core Application Security product report
Buyer's Guide
Polyspace Code Prover
March 2026
Polyspace Code Prover reportDownload Polyspace Code Prover product report
 

Also Known As

Micro Focus Fortify on Demand
No data available
 

Overview

OpenText Core Application Security offers robust features like static and dynamic scanning, real-time vulnerability tracking, and seamless integration with development platforms, designed to enhance code security and reduce operational costs.

OpenText Core Application Security is a cloud-based, on-demand service providing accurate and deep scanning capabilities with detailed reporting. Its integrations with development platforms ensure an enhanced security layer in the development lifecycle, benefiting users by lowering operational costs and facilitating efficient remediation. The platform addresses needs for intuitive interfaces, API support, and comprehensive vulnerability assessments, helping improve code security and accelerate time-to-market. Despite its strengths, challenges exist around false positives, report clarity, and language support, alongside confusing pricing and package options. Enhancements are sought in areas like CI/CD pipeline configuration, report visualization, scan times, and integration with third-party tools such as GitLab, container scanning, and software composition analysis.

What features define OpenText Core Application Security?
  • Static and Dynamic Scanning: Offers thorough analysis to identify vulnerabilities during development.
  • Real-time Vulnerability Tracking: Continuously updates and monitors potential security threats.
  • Seamless Development Platform Integration: Enhances security processes without disrupting workflows.
  • Cloud-Based Service: Provides flexible, on-demand security capabilities with accurate results.
  • API Support: Allows smooth integration and automation within existing systems.
What benefits should users look for in reviews?
  • Reduced Operational Costs: Optimizes resources by lowering costs associated with security management.
  • Efficient Remediation: Speeds up the process of identifying and resolving vulnerabilities.
  • Enhanced Code Security: Strengthens overall application security during the development lifecycle.
  • Accelerated Time-to-Market: Streamlines development stages by integrating essential security tools.

Industries like mobile applications, e-commerce, and banking leverage OpenText Core Application Security for its ability to identify vulnerabilities such as SQL injections. Integrating seamlessly with DevSecOps and security auditing processes, this tool supports developers in writing safer code, ensuring secure application deployment and enhancing software assurance.

OpenText

Polyspace Code Prover is a sound static analysis tool that proves the absence of overflow, divide-by-zero, out-of-bounds array access, and certain other run-time errors in C and C++ source code. It produces results without requiring program execution, code instrumentation, or test cases. Polyspace Code Prover uses semantic analysis and abstract interpretation based on formal methods to verify software interprocedural, control, and data flow behavior. You can use it on handwritten code, generated code, or a combination of the two. Each operation is color-coded to indicate whether it is free of run-time errors, proven to fail, unreachable, or unproven.

MathWorks
 

Sample Customers

SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.
Alenia Aermacchi, CSEE Transport, Delphi Diesel Systems, EADS, Institute for Radiological Protection and Nuclear Safety, Korean Air, KOSTAL, Miracor, NASA Ames Research Center
Buyer's Guide
OpenText Core Application Security vs. Polyspace Code Prover
March 2026
Free Report: OpenText Core Application Security vs. Polyspace Code Prover
Find out what your peers are saying about OpenText Core Application Security vs. Polyspace Code Prover and other solutions. Updated: March 2026.
DOWNLOAD NOW
884,797 professionals have used our research since 2012.
See our OpenText Core Application Security vs. Polyspace Code Prover report.
See our list of best Application Security Tools vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.