Try our new research platform with insights from 80,000+ expert users

GitLab vs OpenText Static Application Security Testing comparison

The compared GitLab and OpenText solutions aren't in the same category. GitLab is ranked #9 in AS , with an average rating of 8.6, and holds a 2.8% mindshare in the category. OpenText is ranked #2 in SCAS , with an average rating of 8.2, and holds a 11.7% mindshare. Additionally, 97% of GitLab users are willing to recommend the solution, compared to 89% of OpenText users who would recommend it.
GitLab
Read 84 GitLab reviews
  • 3,342 Views
  • 2,379 Comparison Views
97% willing to recommend
OpenText Static Application...
Read 19 OpenText Static Application Security Testing reviews
  • 1,641 Views
  • 118 Comparison Views
89% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between GitLab and OpenText Static Application Security Testing based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Application Security Tools Report (Updated: June 2025).
Buyer's Guide
Application Security Tools
June 2025
Download the complete report
Helped 857,688 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.6
GitLab improves ROI by increasing efficiency, reducing deployment time, and enhancing DevOps through cost-saving, automation, and vulnerability management.
Sentiment score
6.8
OpenText Static Application Security Testing received mixed reviews, praising cost savings and partnerships, but highlighting challenges in quantifying ROI.
Migrating to GitLab is bringing time-saving benefits, and everything is easier to automate.
We have saved time significantly, reducing deployment time from four hours to five minutes per deployment.
For more quotes and insights, download the GitLab report
No quotes available
For more quotes and insights, download the OpenText Static Application Security Testing report
 

Customer Service

Sentiment score
6.8
GitLab's support varies by license; paid users praise responsiveness, while free version users rely on community forums and documentation.
Sentiment score
6.7
Generally positive with dedicated teams, though some seek improvements in ticket system and responsiveness for OpenText support.
We have rarely needed to escalate issues to technical support since GitLab usually runs seamlessly.
I have interacted with architects for some advice during the implementation, and they were prompt in their response.
I have had meetings where they taught me, explained things, and provided guidance for starting from scratch.
For more quotes and insights, download the GitLab report
The customer service and support for Fortify Static Code Analyzer are better than those for LoadRunner.
The technical support has been good because we always received answers to our questions.
For more quotes and insights, download the OpenText Static Application Security Testing report
Gaurav Chandel - PeerSpot reviewerMikhael Ibrahim - PeerSpot reviewerreviewer2603940 - PeerSpot reviewerAphiwat Leetavorn. - PeerSpot reviewer
EG
 

Scalability Issues

Sentiment score
7.4
GitLab's scalable container architecture supports diverse environments, flexible deployment, and smooth integration, despite some configuration and scaling challenges.
Sentiment score
7.8
OpenText SAST is scalable for various project sizes but needs improvement in speed and infrastructure management.
It has all the features required for our coding and deployment needs, which makes it scalable to our changing requirements.
We're transitioning to OpenShift for future scalability with increased user numbers.
For scaling, other deployment options from GitLab's side need to be adopted.
For more quotes and insights, download the GitLab report
Fortify Static Code Analyzer integrates well and is scalable.
For more quotes and insights, download the OpenText Static Application Security Testing report
Sarfaraz Khan - PeerSpot reviewerMikhael Ibrahim - PeerSpot reviewerRohit Kesharwani - PeerSpot reviewerAphiwat Leetavorn. - PeerSpot reviewer
 

Stability Issues

Sentiment score
8.2
GitLab is highly stable and reliable, with minor issues mainly under heavy load or during updates.
Sentiment score
7.5
OpenText Static Application Security Testing is reliable and stable, with improvements since version 19.10, and benefits from proper training.
I have not encountered any performance or stability issues with GitLab so far.
The updates are frequent and demanding, happening at least once a week due to security reasons.
For more quotes and insights, download the GitLab report
The stability of Fortify Static Code Analyzer is generally good.
I would rate the product stability as an eight.
For more quotes and insights, download the OpenText Static Application Security Testing report
Gaurav Chandel - PeerSpot reviewer
AS
Aphiwat Leetavorn. - PeerSpot reviewer
DK
 

Room For Improvement

GitLab users seek improved CI/CD automation, integrations, user interface, project management, security, pricing, and support for enhanced usability.
OpenText SAST faces high costs, complex use, false positives, and needs better integration, language support, and feature enhancements.
It would be beneficial to have a user-friendly interface for setting up these configurations, instead of just writing YAML files.
It is essential to conduct proper testing, such as unit tests and code coverage, within the SDLC pipelines.
GitLab can improve its user interface to make conflict resolution more user-friendly.
For more quotes and insights, download the GitLab report
We would appreciate if the AI could give us more information about improvements and reduce the number of false positives, but this solution doesn't have this function yet.
It should be easier to install, perhaps through a container-based approach where everything is combined into one image or pack of containers.
It would be really helpful to include trending vulnerabilities and how to manage them.
For more quotes and insights, download the OpenText Static Application Security Testing report
reviewer2603940 - PeerSpot reviewerRohit Kesharwani - PeerSpot reviewerSarfaraz Khan - PeerSpot reviewer
EG
Aphiwat Leetavorn. - PeerSpot reviewer
DK
 

Setup Cost

GitLab provides flexible pricing with open-source access and paid tiers, catering to different enterprise needs and budgets.
Enterprise users find OpenText Static Application Security Testing's pricing high but consider it economical compared to other major solutions.
Even when working in other small organizations, we opted for GitLab as it was cost-efficient.
The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.
The price is high, and it limits user accessibility.
For more quotes and insights, download the GitLab report
The pricing of Fortify Static Code Analyzer is good, with a flexible model that allows customers to choose a setup that suits their needs.
My experience with the pricing, setup costs, and licensing has been good.
For more quotes and insights, download the OpenText Static Application Security Testing report
Sarfaraz Khan - PeerSpot reviewerreviewer2603940 - PeerSpot reviewerAndrea PICCININI - PeerSpot reviewerAphiwat Leetavorn. - PeerSpot reviewer
DK
 

Valuable Features

GitLab excels in UI, CI/CD, code management, and integration, offering user-friendly, efficient, and scalable development and deployment features.
OpenText SAST enhances security by automating vulnerability detection, integrating across tools, and providing detailed remediation and compliance guidance.
As we implement automated testing and DevSecOps, it speeds up the process by forty to sixty percent.
The Ultimate version offers enhanced features for security scanning through DAST and SAST analysis, which have greatly benefitted our project workflow.
By integrating GitLab as a DevOps platform, we have enhanced agility, improved our time to market, and different teams can work collaboratively on various projects.
For more quotes and insights, download the GitLab report
Fortify Static Code Analyzer has the capability of giving fewer false positives compared to other tools.
The most valuable feature of Fortify Static Code Analyzer is its extensive language support, covering many languages from legacy ones to the newest.
The most impactful feature of Fortify Static Code Analyzer in identifying vulnerabilities is the ratio of total number of vulnerabilities to false positives.
For more quotes and insights, download the OpenText Static Application Security Testing report
Mikhael Ibrahim - PeerSpot reviewerAndrea PICCININI - PeerSpot reviewerRohit Kesharwani - PeerSpot reviewer
DK
Aphiwat Leetavorn. - PeerSpot reviewer
EG
 

Categories and Ranking

GitLab
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
84
Ranking in other categories
Application Security Tools (9th), Build Automation (1st), Release Automation (2nd), Static Application Security Testing (SAST) (6th), Rapid Application Development Software (11th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (3rd), DevSecOps (1st)
OpenText Static Application...
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
19
Ranking in other categories
Static Code Analysis (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. GitLab is designed for Application Security Tools and holds a mindshare of 2.8%, up 2.8% compared to last year.
OpenText Static Application Security Testing, on the other hand, focuses on Static Code Analysis, holds 11.7% mindshare, up 10.0% since last year.
Application Security Tools
Static Code Analysis
 

Featured Reviews

Rohit Kesharwani - PeerSpot reviewer
Improved agility and time to market with CI/CD enhancements
The CI/CD pipelines in GitLab ( /products/gitlab-reviews ) are highly valuable. Another important feature is the single source of repository, allowing efficient repository management and source code management. GitLab provides manageability by allowing us to manage source code effectively through separate repositories. Additionally, GitLab enables the creation of individual CI/CD pipelines for each repository, making software more agile. By integrating GitLab as a DevOps platform, we have enhanced agility, improved our time to market, and different teams can work collaboratively on various projects.
Read full review
Aphiwat Leetavorn. - PeerSpot reviewer
Provides extensive language support and enhances secure coding practices
The deployment of Fortify Static Code Analyzer needs to be simplified. It should be easier to install, perhaps through a container-based approach where everything is combined into one image or pack of containers. This change would facilitate easier installations and ensure all necessary components are connected and ready to use.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
857,688 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
15%
Financial Services Firm
13%
Computer Software Company
13%
Government
9%
Financial Services Firm
29%
Computer Software Company
13%
Manufacturing Company
10%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitLab?
I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
See all answers
What is your experience regarding pricing and costs for GitLab?
The pricing and cost are on par with other tools and are neither too expensive nor cheap.
See all answers
What needs improvement with GitLab?
One significant feature we lack is the configuration that enforces code reviews, which simplifies the development life cycle. Unfortunately, this is available only at a higher license level than we...
See all answers
What do you like most about Fortify Static Code Analyzer?
Integrating the Fortify Static Code Analyzer into our software development lifecycle was straightforward. It highlights important information beyond just syntax errors. It identifies issues like pa...
See all answers
What is your experience regarding pricing and costs for Fortify Static Code Analyzer?
My experience with the pricing, setup costs, and licensing has been good. We have the scan machines, and we are planning to request more from Micro Focus now. We have calls every month or every oth...
See all answers
What needs improvement with Fortify Static Code Analyzer?
I think Fortify Static Code Analyzer could be improved by updating the number of rule packs according to the latest vulnerabilities we find each year. We have updated to a version that is one less ...
See all answers
 

Comparisons

Microsoft Azure DevOps vs GitLab Logo
Microsoft Azure DevOps vs GitLab
Compared 24% of the time
GitHub CoPilot vs GitLab Logo
GitHub CoPilot vs GitLab
Compared 15% of the time
SonarQube Server (formerly SonarQube) vs GitLab Logo
SonarQube Server (formerly SonarQube) vs GitLab
Compared 7% of the time
Tekton vs GitLab Logo
Tekton vs GitLab
Compared 5% of the time
Veracode vs GitLab Logo
Veracode vs GitLab
Compared 2% of the time
More GitLab Competitors
Black Duck vs OpenText Static Application Security Testing Logo
Black Duck vs OpenText Static Application Security Testing
Compared 34% of the time
Snyk vs OpenText Static Application Security Testing Logo
Snyk vs OpenText Static Application Security Testing
Compared 18% of the time
Veracode vs OpenText Static Application Security Testing Logo
Veracode vs OpenText Static Application Security Testing
Compared 13% of the time
Sonatype Lifecycle vs OpenText Static Application Security Testing Logo
Sonatype Lifecycle vs OpenText Static Application Security Testing
Compared 7% of the time
JFrog Xray vs OpenText Static Application Security Testing Logo
JFrog Xray vs OpenText Static Application Security Testing
Compared 6% of the time
More OpenText Static Application Security Testing Competitors
 

Product Reports

Buyer's Guide
GitLab
June 2025
GitLab reportDownload GitLab product report
Buyer's Guide
OpenText Static Application Security Testing
June 2025
OpenText Static Application Security Testing reportDownload OpenText Static Application Security Testing product report
 

Also Known As

Fuzzit
Fortify Static Code Analysis SAST
 

Overview

GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster. 

It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring. 

With GitLab, teams can streamline their workflows, automate processes, and improve productivity.

GitLab

OpenText Static Application Security Testing empowers teams with efficient vulnerability detection and streamlined secure coding practices, offering comprehensive language support and seamless integration with development tools.

OpenText Static Application Security Testing enhances software security during development by accurately identifying vulnerabilities with minimal false positives. It integrates seamlessly with IDEs and CI/CD pipelines, making it highly efficient for early detection of security issues. Users benefit from its easy setup, clear documentation, and centralized portal for managing security findings. Despite facing challenges like high costs and complex configurations for certain languages, its role in facilitating compliance and streamlining secure coding processes is indispensable. Improvements are needed in areas such as outdated design, language support, and integration capabilities to meet evolving user expectations.

What features does OpenText Static Application Security Testing offer?
  • Seamless IDE Integration: Integrates effortlessly with development environments for real-time feedback.
  • Comprehensive Language Support: Covers a wide range of programming languages, enhancing detection accuracy.
  • Centralized Security Portal: Provides a streamlined interface for managing vulnerabilities.
What benefits and ROI should users consider?
  • Enhanced Security: Identifies vulnerabilities early, preventing potential breaches.
  • Time Efficiency: Automates processes and speeds up remediation efforts.
  • Compliance Facilitation: Assists in adhering to security standards and regulations.

Organizations across diverse sectors implement OpenText Static Application Security Testing primarily to secure applications during development phases. Its integration with tools like GitLab, Jenkins, and Azure DevOps ensures a robust security pipeline. By combining with Sonatype Nexus, secure code, and library management is achieved effectively.

OpenText
 

Sample Customers

1. NASA  2. IBM  3. Sony  4. Alibaba  5. CERN  6. Siemens  7. Volkswagen  8. ING  9. Ticketmaster  10. SpaceX  11. Adobe  12. Intuit  13. Autodesk  14. Rakuten  15. Unity Technologies  16. Pandora  17. Electronic Arts  18. Nordstrom  19. Verizon  20. Comcast  21. Philips  22. Deutsche Telekom  23. Orange  24. Fujitsu  25. Ericsson  26. Nokia  27. General Electric  28. Cisco  29. Accenture  30. Deloitte  31. PwC  32. KPMG
Information Not Available
Buyer's Guide
Application Security Tools
June 2025
Download Free Report
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: June 2025.
DOWNLOAD NOW
857,688 professionals have used our research since 2012.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.