Try our new research platform with insights from 80,000+ expert users

GitHub vs OpenText Core Application Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub
Ranking in Application Security Tools
7th
Average Rating
8.8
Reviews Sentiment
7.2
Number of Reviews
94
Ranking in other categories
Version Control (3rd)
OpenText Core Application S...
Ranking in Application Security Tools
14th
Average Rating
8.0
Reviews Sentiment
7.8
Number of Reviews
60
Ranking in other categories
Static Application Security Testing (SAST) (12th)
 

Mindshare comparison

As of July 2025, in the Application Security Tools category, the mindshare of GitHub is 0.9%, down from 1.2% compared to the previous year. The mindshare of OpenText Core Application Security is 4.3%, down from 5.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Pervez Roy - PeerSpot reviewer
Very good for collaboration on software projects
We use GitHub for code repository alongside Bitbucket GitHub is very good for collaboration on software projects. We prefer Bitbucket for commercial use, while GitHub is used for open source. You can get the differences, history of changes, and version control for various pull requests. You can…
Jonathan Steyn - PeerSpot reviewer
Source code analyzer, FPR file generation, reduction of false positives and generates compliance reports, for in-depth analysis
Not challenges with the product itself. The product is very reliable. It does have a steep learning curve. But, again, one thing that Fortify or OpenText does very well is training. There are a lot of free resources and training in the community forums, free training as well as commercial training where users can train on how to use the back-end systems and the scanning engines and how to use command-line arguments because some of the procedures or some of the tools do require a bit of a learning curve. That's the only challenge I've really seen for customers because you have to learn how to use the tool effectively. But Fortify has, in fact, improved its user interface and the way users engage the dashboards and the interfaces. It is intuitive. It's easy to understand. But in some regards, the cybersecurity specialist or AppSec would need a bit of training to engage the user interface and to understand how it functions. But from the point of the reliability index and how powerful the tool is, there's no challenge there. But it's just from a learning perspective; users might need a bit more skill to use the tool. The user interface isn't that tedious. It's not that difficult to understand. When I initially learned how to use the interfaces, I was able to master it within a week and was able to use it quite effectively. So training is required. All skills are needed to learn how to use the tool. I would like to see more enhancements in the dashboards. Dashboards are available. They do need some configuration and settings. But I would like to see more business intelligence capabilities within the tool. It's not particularly a cybersecurity function, but, for instance, business impact analysis or other features where you can actually use business intelligence capabilities within your security tool. That would be remarkable because not only do you have a cybersecurity tool, but you also have a tool that can give you business impact analysis and some other measurements. A bit more intelligence in terms of that from a cybersecurity perspective would be remarkable.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The flexibility of this solution has been most valuable. It operates on a pay per use basis where you can ramp up or decrease usage."
"The features that I have found most valuable are that it can support you for most of the road map and it can automate some tasks which works really well with collaboration with the teams. They are really interested in how they organize the history of the code itself which is good."
"GitHub is convenient and easy to use."
"GitHub is the best tool for source repositories."
"I appreciate saving from Visual Studio Code that implements changes directly on GitHub."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"Complication free with good ability for third-party integrations."
"GitHub has improved the productivity of my team by simplifying code merging and enabling effective branching strategies."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"Provides good depth of scanning and we get good results."
"While using Micro Focus Fortify on Demand we have been very happy with the results and findings."
"Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases."
"The most valuable features are the detailed reporting and the ability to set up deep scanning of the software, both of which are in the same place."
"The source code analyzer is the most effective for identifying security vulnerabilities."
"Fortify on Demand can be scaled very easily."
"The scanning capabilities, particularly for our repositories, have been invaluable."
 

Cons

"This solution could be improved if migration was fully automated to make it easy, for example, to migrate repositories into GitHub."
"GitHub could add more security features. I am not sure how secure it is. If they provide more security features, then it can be used in more official applications."
"The sign in process is a bit difficult."
"The user interface on GitLab is better."
"The query function in GitHub is a bit stiff."
"The sign in process is a bit difficult. Signing up was challenging at that time."
"The solution's cost is high and should be reduced."
"GitHub could automate the setup process more, such as creating YAML files for GitHub Actions."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"There were some regulated compliances, which were not there."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"They have a release coming out, which is full of new features. Based on their roadmap, there's nothing that I would suggest for them to put in it that they haven't already suggested. However, I am a customer, so I always think the pricing is something that could be improved. I am working with them on that, and they're very flexible. They work with their customers and kind of tailor the product to the customer's needs. So far, I am very happy with what they're able to provide. Their subscriptions could use a little bit of a reworking, but that would be about it."
"This solution would be improved if the code-quality perspective were added to it, on top of the security aspect."
"They could provide features for artificial intelligence similar to other vendors."
"There are lots of limitations with code technology. It cannot scan .net properly either."
"Takes up a lot of resources which can slow things down."
 

Pricing and Cost Advice

"I use the free version of the tool."
"We have an enterprise licensing agreement, and I am not part of the finance department so I can't say how much it costs."
"The basic licensing model is free, and if you need to have technical support and such things, then it does cost something. You only need to pay extra if you need technical support."
"I think, in terms of price, GitHub is okay compared to other tools."
"You don't have to pay for a license if you are using the free version."
"It is open-source. There is no license for GitHub."
"We pay a subscription-based yearly licensing fee for the solution."
"Regarding pricing, I'd rate it eight out of ten. It's decent and not too expensive, and small businesses can also afford it. With AWS taking CodeCommit out of the market, I don't see many competitors for small companies in terms of GitHub."
"The pricing can be improved because it is complex when compared to the competition."
"Micro Focus Fortify on Demand licenses are managed by our IT team and the license model is user-based."
"We are still using the trial version at this point but I can already see from the trial version alone that it is a good product. For others, I would say that Fortify on Demand might look expensive at the beginning, but it is very powerful and so you shouldn't be put off by the price."
"The solution is expensive and the price could be reduced."
"The licensing was good because the licenses have the heavy centralized server."
"The subscription model, on a per-scan basis, is a bit expensive. That's another reason we are not using it for all the apps."
"The product's cost depends on the type of license."
"It is cost-effective."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
861,524 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Computer Software Company
11%
Manufacturing Company
9%
Comms Service Provider
7%
Financial Services Firm
19%
Manufacturing Company
15%
Computer Software Company
11%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitHub?
The control is the most valuable feature as developers can work on a single code.
What is your experience regarding pricing and costs for GitHub?
I am not aware about the pricing, so I will not be able to give feedback.
What needs improvement with GitHub?
Sometimes we do not get the exact solution, and the suggested solution does not work, so GitHub could improve in that area. We have used GitHub mainly for the code generation part. That is the only...
What do you like most about Micro Focus Fortify on Demand?
It helps deploy and track changes easily as per time-to-time market upgrades.
What is your experience regarding pricing and costs for Micro Focus Fortify on Demand?
In comparison with other tools, they're competitive. It is not more expensive than other solutions, but their pricing is competitive. The licenses for Fortify On Demand are generally bought in unit...
What needs improvement with Micro Focus Fortify on Demand?
There are frequent complaints about false positives from Fortify. One day it may pass a scan with no issues, and the next day, without any code changes, it will report vulnerabilities such as passw...
 

Also Known As

No data available
Micro Focus Fortify on Demand
 

Overview

 

Sample Customers

Dominion Enterprises, NASA, Braintree, SAP, CyberAgent
SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.
Find out what your peers are saying about GitHub vs. OpenText Core Application Security and other solutions. Updated: July 2025.
861,524 professionals have used our research since 2012.