No more typing reviews! Try our Samantha, our new voice AI agent.

OpenText Core Application Security vs ReversingLabs comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 29, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

OpenText Core Application S...
Ranking in Application Security Tools
10th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
64
Ranking in other categories
Static Application Security Testing (SAST) (9th)
ReversingLabs
Ranking in Application Security Tools
40th
Average Rating
9.2
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
Anti-Malware Tools (42nd), Container Security (52nd), Software Composition Analysis (SCA) (25th), Threat Intelligence Platforms (TIP) (28th), Software Supply Chain Security (18th)
 

Mindshare comparison

As of July 2026, in the Application Security Tools category, the mindshare of OpenText Core Application Security is 3.3%, down from 4.3% compared to the previous year. The mindshare of ReversingLabs is 0.9%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
OpenText Core Application Security3.3%
ReversingLabs0.9%
Other95.8%
Application Security Tools
 

Featured Reviews

Himanshu_Tyagi - PeerSpot reviewer
Lead Cybersecurity at TBO
Supports secure development pipelines and improves issue detection but limits internal visibility and needs broader dashboard integration
If you have an internal team and you want your internal team to validate false positives, basically to determine whether it's a valid issue or an invalid issue, then I wouldn't recommend it much. That was the only reason we migrated from Fortify on Demand to another solution. Fortify has another tool which is Fortify WebInspect. On Demand is the outsourcing solution, and WebInspect you can use with your in-house team, which is basically the product developed by the Fortify team. For automated scanning, Fortify helps a lot. Regarding the visibility for the internal team, everyone is moving toward the DevSecOps side, and Fortify team has made good progress that you can integrate into your CICD pipeline. One thing I would highlight is if Fortify can focus more on the centralized dashboard of the tools because nowadays, tools such as SentinelOne also exist for identifying security issues, but they have a centralized dashboard that merges their cloud solution and application security side solution together. If you have one tool that works for different solutions, it helps a lot. They are doing good, but they should invest more on the AI side as well because AI security is evolving these days. On the cloud side, they have already made good progress, but I believe they should explore the new area related to AI security as well.
TC
Forensic Lead, Global Security Fusion Center at a insurance company with 10,001+ employees
Very good malware and goodware repository and enables us to look more deeply at indicators of compromise
The automated static analysis of malware is the most valuable feature. Its detection abilities are very good. It hits all of the different platforms out there, platforms that see the items in the wild. Also, the solution’s object and file analysis provide us with actionable insights. Its malware and goodware repository is very good. It's very robust. It gets all of the different repositories that are out there that do analysis and brings them under one roof where we can statically analyze for those indicators of compromise and look at them more deeply. If we need to go deeper into things, we can do that.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It improves future security scans."
"I would definitely recommend Micro Focus Fortify any day for clients who are looking for a good security solution."
"t's a cloud-based solution, so there was no installation involved."
"The vulnerability detection and scanning are awesome features."
"The implementation of Micro Focus Fortify on Demand was simple, since it is on the cloud everything is automatic."
"What stands out to me is the user-friendliness of each feature."
"The solution scans our code and provides us with a dashboard of all the vulnerabilities and the criticality of the vulnerabilities, and it is very useful that they provide right then and there all the information about the vulnerability, including possible fixes, as well as some additional documentation and links to the authoritative sources of why this is an issue and what's the correct way to deal with it."
"One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed."
"As far as static analysis information is concerned, we use most of the information that is available in order to determine whether or not we might be dealing with a malware variant. This includes information that is related to Java rules. This is also related to malware families indicated or specific malicious software variants that are labeled by name."
"As far as the malware repository is concerned, it's extensive. It's a good source for finding samples, where we are unable to find them on other channels or by leveraging other sources."
"It offers reports on a great many more file types than the other analysis solutions we have. It can give us a more in-depth analysis and better reporting on a larger number of file types. It also gives us a more comprehensive score on a number of things as well, and that's why we're using it as a front-end filter. It gives us more information... It's valuable because of its depth of information, as well as the breadth it gives us. There aren't a lot of tools that cover all of the different file types."
"ReversingLabs has a large sample size."
"We had nothing in the environment to do such analysis, so it's been a savior in many ways."
"As far as the availability of the content is generally concerned and the number of malicious programs that can be looked up in the repository, these are very extensive."
"We have complete faith that it can do that for us, and can do it at scale."
"The automated static analysis of malware is the most valuable feature. Its detection abilities are very good. It hits all of the different platforms out there, platforms that see the items in the wild."
 

Cons

"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"Micro Focus support is slow, and they should improve that."
"The solution has some issues with latency. Sometimes it takes a while to respond. This issue should be addressed."
"The product has a lot of false positives."
"It's still a little bit too complex for regular developers. It takes a little bit more time than usual. I know static code scan is not the main focus of the tool, but the overall time span to scan the code, and even to set up the code scanning, is a bit overwhelming for regular developers."
"If you have an internal team and you want your internal team to validate false positives, basically to determine whether it's a valid issue or an invalid issue, then I wouldn't recommend it much."
"I find that while it does find a lot of legitimate threats, it tends to have a lot of false positives, and there are more false positives than I would like to see."
"We would like a reduction in the time frame of scans. It takes us three to five days to run a scan now. We would like that reduced to under three days."
"The solution needs to improve integrations."
"While the company is very helpful, it would be very much appreciated to have extensive proof of concept scripts for the different APIs available, though not for all the APIs that we have purchased. Respective scripts are available, but those scripts which are available are typically not of very high quality."
"We would really like further integration with our threat intelligence platform, which is called ThreatConnect. We would also really like further integrations with an endpoint protection product we use called Tanium. The reason I mentioned both of these is that ReversingLabs claims to have extensive integrations with both of them, but they did not work for us."
"The product support could be better at times. Sometimes, the resources that they provide could be of higher quality."
"I would like to see if we could do a little bit more of bulk uploading of hash sets. Right now, I can only do them individually."
 

Pricing and Cost Advice

"We are still using the trial version at this point but I can already see from the trial version alone that it is a good product. For others, I would say that Fortify on Demand might look expensive at the beginning, but it is very powerful and so you shouldn't be put off by the price."
"We used the one-time application, Security Scan Dynamic. I believe the original fee was $8,000."
"It is quite expensive. Pricing and the licensing model could be improved."
"The pricing model it's based on how many applications you wish to scan."
"If I exceed one million lines of code, there might be an extra cost or a change in the pricing bracket."
"The subscription model, on a per-scan basis, is a bit expensive. That's another reason we are not using it for all the apps."
"I believe the rental license is not too expensive, but it provides a lot of information about the vulnerabilities."
"Buying a license would be feasible for regular use. For intermittent use, the cloud-based option can be used (Fortify on Demand)."
"Currently, the license number of lookups that we purchased has not been reached yet, because the integration has only recently been completed. However, our usage is expected and planned to increase over the next couple of months."
"We have a yearly contract based on the number of queries and malicious programs which can be processed."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Manufacturing Company
12%
Construction Company
7%
Government
7%
Construction Company
16%
Financial Services Firm
12%
Computer Software Company
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise8
Large Enterprise46
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Micro Focus Fortify on Demand?
In comparison with other tools, they're competitive. It is not more expensive than other solutions, but their pricing is competitive. The licenses for Fortify On Demand are generally bought in unit...
What needs improvement with Micro Focus Fortify on Demand?
Areas for improvement should be contextualized post the OpenText acquisition, but back when I was working with Micro Focus, they focused heavily on enterprise-centric solutions. Now, after the acqu...
What is your primary use case for Micro Focus Fortify on Demand?
For OpenText Core Application Security, I currently support a couple of my clients who are using Fortify on Demand for their web application, CRM, and sales platform. Many good features of Fortify ...
Ask a question
Earn 20 points
 

Also Known As

Micro Focus Fortify on Demand
ReversingLabs Titanium, ReversingLabs secure.software
 

Overview

 

Sample Customers

SAP, Aaron's, British Gas, FICO, Cox Automative, Callcredit Information Group, Vital and more.
Financial services, healthcare, government, manufacturing, oil & gas, telecommunications, information technology
Find out what your peers are saying about OpenText Core Application Security vs. ReversingLabs and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.