OpenText Dynamic Application Security Testing vs StackHawk comparison

OpenText and StackHawk are both solutions in the Dynamic Application Security Testing (DAST) category. OpenText is ranked #3 with an average rating of 8.0, while StackHawk is ranked #8 with an average rating of 8.0. OpenText holds a 11.0% mindshare in DAST, compared to StackHawk’s 1.2% mindshare. Additionally, 83% of OpenText users are willing to recommend the solution, compared to 100% of StackHawk users who would recommend it.

OpenText Dynamic Applicatio...

Read 22 OpenText Dynamic Application Security Testing reviews

3,095 Views
1,145 Comparison Views

83% willing to recommend

StackHawk

Read 1 StackHawk review

167 Views
167 Comparison Views

100% willing to recommend

OpenText Dynamic Applicatio...

StackHawk

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 28, 2025

OpenText Dynamic Application Security Testing and StackHawk are in the application security testing category. StackHawk has an edge due to its feature set and ease of adoption.

Features: OpenText Dynamic Application Security Testing provides comprehensive testing capabilities, supporting a wide range of application types, along with seamless integration into different development environments. StackHawk focuses on automated testing with a developer-friendly interface, enhancing continuous integration and continuous deployment. It stands out with speed and easy adoption.

Ease of Deployment and Customer Service: OpenText offers extensive deployment options with in-depth support beneficial for complex enterprise environments. StackHawk provides a streamlined deployment tailored for developers with responsive support, facilitating quick integration with existing workflows.

Pricing and ROI: OpenText has significant setup costs due to its extensive features, but offers a validated ROI through comprehensive coverage. StackHawk presents a lower upfront investment with pricing designed for quick returns, appealing to organizations of different sizes.

To learn more, read our detailed Dynamic Application Security Testing (DAST) Report (Updated: January 2026).

Buyer's Guide

Dynamic Application Security Testing (DAST)

January 2026

Download the complete report

Helped 881,707 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

OpenText Dynamic Applicatio...

Ranking in Dynamic Application Security Testing (DAST)

3rd

Average Rating

7.2

Reviews Sentiment

6.1

Number of Reviews

Ranking in other categories

DevSecOps (9th)

StackHawk

Ranking in Dynamic Application Security Testing (DAST)

8th

Average Rating

8.0

Reviews Sentiment

2.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of February 2026, in the Dynamic Application Security Testing (DAST) category, the mindshare of OpenText Dynamic Application Security Testing is 11.0%, up from 9.5% compared to the previous year. The mindshare of StackHawk is 1.2%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Dynamic Application Security Testing (DAST) Market Share Distribution
Product	Market Share (%)
OpenText Dynamic Application Security Testing	11.0%
StackHawk	1.2%
Other	87.8%

Dynamic Application Security Testing (DAST)

Featured Reviews

ArnabPaul

Cyber Security Consultant at a tech vendor with 10,001+ employees

Enhancements in manual testing align with reporting and integration features

WebInspect works efficiently with Java-based or .NET based applications. However, it struggles with Salesforce applications, where it requires approximately 20-24 hours to crawl and audit but produces minimal findings, necessitating manual verification. The solution offers customization features for crawling and vulnerability detection. It includes various security frameworks and allows selection of specific vulnerability types to audit, such as OWASP Top 10 or JavaScript-based vulnerabilities. When working with APIs, we can select OWASP API Top 10. The tool also supports custom audit features by combining different security frameworks. For on-premises deployment, the setup is complex, particularly regarding SQL server configuration. Unlike Burp Suite or OpenText Dynamic Application Security Testing, which have simpler setup processes, WebInspect requires SQL server setup to function.

Read full review

reviewer2795271

Manager Sec Ops at a real estate/law firm with 501-1,000 employees

Automated security checks have transformed PCI compliance and provide unified vulnerability insights

I cannot think of anything I would add to StackHawk, with the possible exception of adding any additional code bases that might be out there. I am thinking about a situation where a company might be in mergers and acquisitions mode and they onboard a company that has developed an application in a code base that is not covered by StackHawk, which would introduce some inefficiency and possible compliance difficulties. It would be great if StackHawk were continuously adding more and more languages and integrations. On a scale of one to ten, I would rate StackHawk an eight, only because I wish the product was a little less expensive. It also is running into direct competition with Snyk, as they did an acquisition of another DAST company, and they should be sensitive to that and possibly offer a discount for current users because it would be under consideration to move to Snyk and reduce complexity even if it was by a little bit.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."

"It is scalable and very easy to use."

"The accuracy of its scans is great."

"The tool provides comprehensive vulnerability assessments which help ensure our deliverables are as free from vulnerabilities as possible. It has also streamlined our web application vulnerability assessments, assisting us in delivering secure applications to our clients."

"The solution's technical support was very helpful."

"The solution is easy to use."

"Guided Scan option allows us to easily scan and share reports."

"Technical support has been good."

More OpenText Dynamic Application Security Testing pros

"StackHawk has positively impacted my organization by introducing an automated process that did not exist previously, and it helped the company achieve PCI certification."

Cons

"We have often encountered scanning errors."

"One thing I would like to see them introduce is a cloud-based platform."

"The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate."

"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."

"There are some file extensions, like .SER, that Fortify WebInspect doesn't scan."

"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."

"Creating reports is very slow and it is something that should be improved."

"I want to enhance automation. Currently, Fortify WebInspect can scan and find vulnerabilities, but users with specific skills need to interpret the results and understand how to address them."

More OpenText Dynamic Application Security Testing cons

"On a scale of one to ten, I would rate StackHawk an eight, only because I wish the product was a little less expensive."

Pricing and Cost Advice

"The pricing is not clear and while it is not high, it is difficult to understand."

"Fortify WebInspect is a very expensive product."

"It’s a fair price for the solution."

"This solution is very expensive."

"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."

"The price is okay."

"Our licensing is such that you can only run one scan at a time, which is inconvenient."

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.

See recommendations

881,707 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Government

15%

Financial Services Firm

14%

Manufacturing Company

10%

Computer Software Company

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	7
Midsize Enterprise	1
Large Enterprise	15

No data available

Questions from the Community

What is your experience regarding pricing and costs for Fortify WebInspect?

While I am not directly involved with licensing, I can share that our project's license for 1-9 applications costs between $15,000 to $19,000. In comparison, Burp Suite costs approximately $500 to ...

See all answers

What needs improvement with Fortify WebInspect?

See all answers

What is your primary use case for Fortify WebInspect?

I am currently working with several tools. For Fortify, I use SCA and WebInspect. Apart from that, I use Burp Suite from PortSwigger. For API testing, I use Postman with Burp Suite or WebInspect fo...

See all answers

What needs improvement with StackHawk?

See all answers

What is your primary use case for StackHawk?

My main use case for StackHawk is primarily as a PCI requirement for DAST. As a quick specific example of how I use StackHawk for that PCI requirement, it is one of the controls that sits alongside...

See all answers

What advice do you have for others considering StackHawk?

StackHawk is deployed in my organization in the public cloud using the configuration on their site. I use AWS as my cloud provider. I rate this product an eight out of ten.

See all answers

Comparisons

PortSwigger Burp Suite Professional vs OpenText Dynamic Application Security Testing

Compared 21% of the time

Checkmarx One vs OpenText Dynamic Application Security Testing

Compared 7% of the time

OWASP Zap vs OpenText Dynamic Application Security Testing

Compared 5% of the time

Veracode vs OpenText Dynamic Application Security Testing

Compared 5% of the time

Acunetix vs OpenText Dynamic Application Security Testing

Compared 5% of the time

More OpenText Dynamic Application Security Testing Competitors

Rapid7 InsightAppSec vs StackHawk

Compared 41% of the time

More StackHawk Competitors

Product Reports

Buyer's Guide

OpenText Dynamic Application Security Testing

January 2026

OpenText Dynamic Application Security Testing report

Download OpenText Dynamic Application Security Testing product report

Buyer's Guide

Dynamic Application Security Testing (DAST)

January 2026

Download StackHawk product report

Also Known As

Micro Focus WebInspect, WebInspect

No data available

Overview

OpenText Dynamic Application Security Testing offers robust scalability, ease of use, and high accuracy in scanning, making it a valuable tool for enterprises.

This security testing platform is known for its centralized dashboard, guided scans, and comprehensive reporting. It integrates seamlessly with tools like Fortify code scanner and supports extensive vulnerability detection and analysis, enhancing efficiency in security management. Despite its strengths, users suggest improvements in cloud integration, cost-effectiveness, and installation processes. Faster scans, reduced false positives, and improved mobile testing features are also desired.

What are the key features of OpenText Dynamic Application Security Testing?

Scalability: Easily adapts to changing enterprise needs.
Ease of Use: User-friendly interface with guided scans.
Comprehensive Reporting: Detailed vulnerability analysis and reporting.
Integration Capabilities: Works with Fortify code scanner and user authentication scanning.
Wide Vulnerability Detection: Identifies extensive security vulnerabilities.

What benefits should users expect from reviews?

Efficient Vulnerability Management: Streamlines security management in development environments.
Detailed Analysis: Provides in-depth insights into security issues.
Quick Setup: Easy to deploy within existing systems.
Enterprise Preference: Supports enterprise environments efficiently.

In industries like BFSI, OpenText Dynamic Application Security Testing is employed for performance network application testing, dynamic and static application security testing, and code checks. Security and QA teams use it in development processes to ensure application security prior to release, proving integral in both enterprise and testing environments.

OpenText

Rolling out DevSecOps within an organization requires security tools that fit into existing engineering workflows. From scan kickoffs to findings alerts to backlog prioritization, your DAST tooling should tie in with your engineering stack. StackHawk is built for modern delivery teams and their tools.

StackHawk

Sample Customers

Aaron's

Information Not Available

Buyer's Guide

Dynamic Application Security Testing (DAST)

January 2026

Download Free Report

Find out what your peers are saying about Veracode, Checkmarx, OpenText and others in Dynamic Application Security Testing (DAST). Updated: January 2026.

DOWNLOAD NOW

881,707 professionals have used our research since 2012.

See our list of best Dynamic Application Security Testing (DAST) vendors.

We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.