GitHub Advanced Security vs Onapsis comparison

GitHub and Onapsis are both solutions in the Application Security Tools category. GitHub is ranked #4 with an average rating of 8.7, while Onapsis is ranked #40. GitHub holds a 8.7% mindshare in AS, compared to Onapsis’s 0.2% mindshare. Additionally, 100% of GitHub users are willing to recommend the solution, compared to 100% of Onapsis users who would recommend it.

GitHub Advanced Security

Read 10 GitHub Advanced Security reviews

7,248 Views
7,248 Comparison Views

100% willing to recommend

Onapsis

Read 1 Onapsis review

349 Views
335 Comparison Views

100% willing to recommend

GitHub Advanced Security

Onapsis

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between GitHub Advanced Security and Onapsis based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.

To learn more, read our detailed Application Security Tools Report (Updated: June 2025).

Buyer's Guide

Application Security Tools

June 2025

Download the complete report

Helped 861,390 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

GitHub Advanced Security

Ranking in Application Security Tools

4th

Average Rating

8.8

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Onapsis

Ranking in Application Security Tools

40th

Average Rating

8.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of July 2025, in the Application Security Tools category, the mindshare of GitHub Advanced Security is 8.7%, up from 4.5% compared to the previous year. The mindshare of Onapsis is 0.2%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools

Featured Reviews

Sabna Sainudeen

Director, Application Security at Carlsberg

Seamlessly integrates into developer environment for streamlined code scanning

GitHub Advanced Security should look into API security issues, which they currently do not. Additionally, open-source security vulnerabilities are not getting updated in a timely manner. There are features in GitHub Advanced Security that cannot be used within Microsoft, which is strange since they are the same company. It should also focus on developing a software bill of materials (SBOM) to see all open software used in one place.

Read full review

it_user19113

SAP Security Consulting Engineer at a computer software company with 10,001+ employees

It checks for and reports vulnerabilities on all SAP systems at the OS, DB and SAP levels.

I really love how Onapsis X1 is able to check SAP for threats; the reporting was something I felt could be improved. It could be a little easier to use and to publish for consumption with a larger audience. Currently, it takes some background jobs and additional work to get them published. It was difficult to get interactive reports to the different levels of the business. I would have to download them and send them out, or save them on my SharePoint site and send out a weekly link. In the version of the product I was usingת I had to log into the X1 system directly to get to the reports. Reporting would be used by several different areas of the organizationת many of whom would be at the director and executive levels. It would not make sense to have them log directly into the tool to look at these reports. Add to this that there was only one ID that could be used to log in and view the reports. To solve this problemת I had to run all of the different reports; executive summary down to detailed analysis and then export them out to my security team SharePoint site. To automate this processת a batch script was created to run after the X1 analyzed the systems. The script would pull the reports and place them in the SharePoint site automatically, but it was a bit of a hassle to get set up.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

861,390 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

14%

Computer Software Company

12%

Manufacturing Company

Government

Manufacturing Company

15%

University

14%

Energy/Utilities Company

12%

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about GitHub Advanced Security?

It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part.

See all answers

What needs improvement with GitHub Advanced Security?

The reporting feature might need improvement. While it integrates seamlessly with my workflow, it doesn't provide management with oversight, such as statistics and the number of vulnerabilities. Ma...

See all answers

What is your primary use case for GitHub Advanced Security?

I use GitHub Advanced Security for conducting source code security scanning for the software that I develop.

See all answers

Ask a question

Earn 20 points

Comparisons

SonarQube Server (formerly SonarQube) vs GitHub Advanced Security

Compared 46% of the time

Snyk vs GitHub Advanced Security

Compared 21% of the time

Veracode vs GitHub Advanced Security

Compared 12% of the time

Checkmarx One vs GitHub Advanced Security

Compared 6% of the time

OpenText Core Application Security vs GitHub Advanced Security

Compared 5% of the time

More GitHub Advanced Security Competitors

SonarQube Server (formerly SonarQube) vs Onapsis

Compared 100% of the time

More Onapsis Competitors

Product Reports

Buyer's Guide

GitHub Advanced Security

June 2025

Download GitHub Advanced Security product report

Buyer's Guide

Application Security Tools

June 2025

Download Onapsis product report

Overview

GitHub Advanced Security secures data by scanning for vulnerabilities in dependencies, secret scanning, and protecting sensitive information. It integrates seamlessly, reducing reliance on multiple tools and optimizing vulnerability detection.

GitHub Advanced Security is designed to enhance security awareness by offering comprehensive tools for secret scanning, code analysis, and SCSS dependency checks. AI-driven features deliver accurate security insights while minimizing false positives. It provides valuable integration with Azure DevOps, maintaining control within dashboards and enabling external systems' support through APIs. With CodeQL, users can perform custom queries across projects. Propelled by Microsoft, the platform enhances operational frameworks with essential security features, although improvements are needed in dashboard consolidation, reporting, and integration mechanisms. Users seek better customizability, language support, and training resources to ensure smoother implementation.

What are the key features of GitHub Advanced Security?

Security and Dependency Scanning: Identifies vulnerabilities in code and dependencies.
Secret Scanning: Detects sensitive information exposure.
Cost-effectiveness: Reduces the need for multiple security tools.
Developer Experience: Integrates seamlessly with development environments.
Extensibility: Custom queries via CodeQL and integration support.

What benefits and ROI can users expect?

Improved Security Posture: Enhanced visibility reduces risk.
Operational Efficiency: Streamlines processes with fewer tools.
Actionable Insights: AI-driven analysis provides clear guidance.
Enhanced Collaboration: Facilitates team integration through shared dashboards.

Industries implement GitHub Advanced Security to maintain robust security standards. It is favored by technology sectors seeking seamless integration with Azure DevOps and looking for customizable security tools tailored to project needs. Financial institutions value its accurate threat detection and compliance support, while enterprises focus on its comprehensive dependency scanning and code analysis capabilities to safeguard critical assets. The adaptability of GitHub Advanced Security across different operational environments illustrates its practical benefits.

GitHub

Through continuous monitoring, the Onapsis Security Platform (OSP) delivers a near real-time preventative, detective and corrective approach for securing SAP systems and applications whether deployed on-premise, or in a private, public or hybrid cloud environment.

Onapsis

Sample Customers

Information Not Available

Sony, US Army, Westinghouse, AXA. Galicia, Daimler, Roche, Levi's, Siemens, ABB, KPMG, Mercardo Libre, Verizon, Bacardi, Adgas, Sicpa, Whirlpool, Leaseplan

Buyer's Guide

Application Security Tools

June 2025

Download Free Report

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: June 2025.

DOWNLOAD NOW

861,390 professionals have used our research since 2012.

See our list of best Application Security Tools vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.