No more typing reviews! Try our Samantha, our new voice AI agent.

OpenText Core Application Security pros and cons

Vendor: OpenText

4.0 out of 5

64 reviews
90% willing to recommend

Pros & Cons summary

OpenText Core Application Security aids in early vulnerability detection during development, supporting various programming languages. It offers static and dynamic code analysis, detailed reports, and easy cloud-based implementation. However, it suffers from false positives, slow scanning, inadequate technical support, and limited integration with CI/CD tools like GitHub. Despite its capabilities, its high pricing makes it less appealing to tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

OpenText Core Application Security helps identify security vulnerabilities early in the development process, allowing for fixes before product rollout.

It supports a wide range of programming languages and integrates with numerous development tools via API support.

Its reporting capabilities provide detailed insights into vulnerabilities and suggested remediation actions.

The ability to perform both static and dynamic code analysis enhances overall security by detecting significant errors.

The cloud-based nature of OpenText Core Application Security facilitates easy implementation and scalability without extensive local resources.

CONS

OpenText Core Application Security has issues with false positives, leading to unnecessary troubleshooting.

There are significant delays and inefficiencies in its scanning process, often taking several days.

Technical support from OpenText is inadequate, with slow response times and unresolved queries.

Integration with CI/CD pipelines and other software development tools like GitHub and GitLab is lacking.

The pricing of OpenText Core Application Security is considered high and not user-friendly.

OpenText Core Application Security Pros review quotes

Lead Cybersecurity at TBO

Nov 11, 2025

Fortify on Demand is a very good service which can be used by any organization when they are building a team because it identifies security vulnerabilities early in the software development life cycle and provides good visibility into issues in cloud-hosted applications.

Read full review

Co-Founder at Insecsys Technologies Private Limited

Mar 19, 2026

The biggest advantage of this tool, Fortify on Demand, is that it is very scalable; it provides all the features just in time, and you do not need to have massive deployment or a lot of compute capabilities to use the product—that's the beauty of it.

Read full review

Diego Caicedo Lescano

Chief Innovation Officer at SAGGA

Nov 10, 2025

The best features with Fortify on Demand include having analysis for any product based on analysis points.

Read full review

OpenText Core Application Security

Free Report: OpenText Core Application Security Reviews and More

Learn what your peers think about OpenText Core Application Security. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.

893,221 professionals have used our research since 2012.

Cloud Security Manager at T-Systems International GmbH

Mar 18, 2026

OpenText Core Application Security helps maintain compliance standards with a faster remediation cycle, as we know the vulnerabilities, and everybody knows that the developers can perform fixes more quickly.

Read full review

Principal Technical Consultant at EOH

Aug 12, 2024

The source code analyzer is the most effective for identifying security vulnerabilities.

Read full review

Abbasi Poonawala

Chief Enterprise Architect at Alinma Bank

Jul 6, 2023

Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases.

Read full review

reviewer2646048

Lead Developer at a legal firm with 1,001-5,000 employees

Jan 31, 2025

It is valuable in improving our overall security posture by catching significant errors.

Read full review

MN

Manikantha Nagireddy

Security Tester at Ray Business Technologies Private Limited

May 16, 2024

The solution is user-friendly. One feature I find very effective is the tool's automatic scanning capability. It scans replicas of the code developers write and automatically detects any vulnerabilities. The integration with CI/CD tools is also useful for plugins.

Read full review

Cloud Architecture Head at PagoNxt Merchant Solutions S.L.

May 11, 2023

Provides good depth of scanning and we get good results.

Read full review

Cloud architect at Vodafone

Mar 1, 2024

The scanning capabilities, particularly for our repositories, have been invaluable.

Read full review

Show 10 more reviews (out of 63)

OpenText Core Application Security Cons review quotes

Lead Cybersecurity at TBO

Nov 11, 2025

If you have an internal team and you want your internal team to validate false positives, basically to determine whether it's a valid issue or an invalid issue, then I wouldn't recommend it much.

Read full review

Co-Founder at Insecsys Technologies Private Limited

Mar 19, 2026

I would say OpenText Core Application Security is not very user-friendly in terms of price; it is quite high.

Read full review

Diego Caicedo Lescano

Chief Innovation Officer at SAGGA

Nov 10, 2025

I would rate the support for OpenText at no more than three out of ten; it is really bad, and we encounter a lot of problems when getting support.

Read full review

OpenText Core Application Security

Free Report: OpenText Core Application Security Reviews and More

Learn what your peers think about OpenText Core Application Security. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.

893,221 professionals have used our research since 2012.

Cloud Security Manager at T-Systems International GmbH

Mar 18, 2026

I know OpenText is developing Aviator, similar to ChatGPT, with LLM inside the OpenText Core Application Security environment. However, I understand they do not have it for the on-premises environment.

Read full review

Principal Technical Consultant at EOH

Aug 12, 2024

The cybersecurity specialist or AppSec would need a bit of training to engage the user interface and to understand how it functions.

Read full review

Abbasi Poonawala

Chief Enterprise Architect at Alinma Bank

Jul 6, 2023

Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify.

Read full review

reviewer2646048

Lead Developer at a legal firm with 1,001-5,000 employees

Jan 31, 2025

There are frequent complaints about false positives from Fortify.

Read full review

MN

Manikantha Nagireddy

Security Tester at Ray Business Technologies Private Limited

May 16, 2024

Fortify on Demand needs to improve its pricing.

Read full review

Cloud Architecture Head at PagoNxt Merchant Solutions S.L.

May 11, 2023

Not fully integrated with CIT processes.

Read full review

Cloud architect at Vodafone

Mar 1, 2024

There is room for improvement in the integration process.

Read full review

Show 10 more reviews (out of 63)

Product Categories

Product Categories

Application Security Tools

Static Application Security Testing (SAST)

Popular Comparisons

Popular Comparisons

SonarQube vs OpenText Core Application Security

Snyk vs OpenText Core Application Security

Checkmarx One vs OpenText Core Application Security

GitLab vs OpenText Core Application Security

Veracode vs OpenText Core Application Security

Coverity Static vs OpenText Core Application Security

Acunetix vs OpenText Core Application Security

PortSwigger Burp Suite Professional vs OpenText Core Application Security

Mend.io vs OpenText Core Application Security

Sonatype Lifecycle vs OpenText Core Application Security

GitHub Advanced Security vs OpenText Core Application Security

OWASP Zap vs OpenText Core Application Security

GitGuardian Platform vs OpenText Core Application Security

HCL AppScan vs OpenText Core Application Security

GitHub vs OpenText Core Application Security

See all alternatives

Product Categories

Product Categories

Application Security Tools

Static Application Security Testing (SAST)

Popular Comparisons

Popular Comparisons

SonarQube vs OpenText Core Application Security

Snyk vs OpenText Core Application Security

Checkmarx One vs OpenText Core Application Security

GitLab vs OpenText Core Application Security

Veracode vs OpenText Core Application Security

Coverity Static vs OpenText Core Application Security

Acunetix vs OpenText Core Application Security

PortSwigger Burp Suite Professional vs OpenText Core Application Security

Mend.io vs OpenText Core Application Security

Sonatype Lifecycle vs OpenText Core Application Security

GitHub Advanced Security vs OpenText Core Application Security

OWASP Zap vs OpenText Core Application Security

GitGuardian Platform vs OpenText Core Application Security

HCL AppScan vs OpenText Core Application Security

GitHub vs OpenText Core Application Security

See all alternatives

Related questions

51

What Is The Biggest Difference Between Fortify on Demand And SonarQube?

37

What are the costs for Micro Focus Fortify on Demand?

228

If you had to both encrypt and compress data during transmission, which would you do first and why?

154

When evaluating Application Security, what aspect do you think is the most important to look for?

276

What are the threats associated with using ‘bogus’ cybersecurity tools?

243

What are the Top 5 cybersecurity trends in 2022?

142

Which application security solutions include both vulnerability scans and quality checks?

157

We're evaluating Tripwire, what else should we consider?

355

Is SonarQube the best tool for static analysis?

127

Why Do I Need Application Security Software?