Business Software for OpenText Static Application Security Testing
View:
Top Software that integrates with OpenText Static Application Security Testing as of July 2025
Sort By:
Compare business software, products, and services to find the best solution for your business or organization. Use the filters on the left to drill down by category, pricing, features, organization size, organization type, region, user reviews, integrations, and more. View and sort the products and solutions that match your needs in the results below.
-
1
Microsoft 365
Microsoft
Introducing Microsoft 365 (formerly Microsoft Office 365). Be more creative and achieve what matters with Outlook, OneDrive, Word, Excel, PowerPoint, OneNote, SharePoint, Microsoft Teams, Yammer, and more. With a Microsoft 365 subscription, you get the latest Office apps—both the desktop and the online versions—and updates when they happen. On your desktop, on your tablet, and on your phone.* Microsoft 365 + your device + the Internet = productivity wherever you are. OneDrive makes the work you do available to you from anywhere—and to others when you collaborate or share. Help at every turn. Email, chat, or call and talk to a real live person. Get Office today—choose the option that's right for youStarting Price: $5 per user per month -
2
Slack
Salesforce
Slack is a cloud-based project collaboration and team interaction software solution specially designed to seamlessly facilitate communication across organizations. Featuring powerful tools and services integrated into a single platform, Slack provides private channels to promote interaction within smaller teams, direct channels to help send messages directly to colleagues, and public channels that enables members across organizations to start conversations. Available on Mac, Windows, Android, and iOS apps, Slack offers a plethora of features that include chat, file sharing, collaborative workspace, real-time notifications, two-way audio and video, screen sharing, document imaging, activity tracking and logging, and more.Starting Price: $6.67 per user per month -
3
Jira
Atlassian
Jira is the only project management tool you need to plan and track work across every team. Jira by Atlassian is the #1 software development tool for teams planning and building great products. Trusted by thousands of teams, Jira offers access to a wide range of tools for planning, tracking, and releasing world-class software, capturing and organizing issues, assigning work, and following team activity. It also integrates with leading developer tools for end-to-end traceability. From short projects, to large cross-functional programs, Jira helps break big ideas down into achievable steps. Organize work, create milestones, map dependencies and more. Link work to goals so everyone can see how their work contributes to company objectives and stay aligned to what’s important. Your next move, suggested by AI. Atlassian Intelligence takes your big ideas and automatically suggests the tasks to help get it done.Starting Price: Free -
4
GitHub
GitHub
GitHub is the world’s most secure, most scalable, and most loved developer platform. Join millions of developers and businesses building the software that powers the world. Build with the world’s most innovative communities, backed by our best tools, support, and services. If you manage multiple contributors , there’s a free option: GitHub Team for Open Source. We also run GitHub Sponsors, where we help fund your work. The Pack is back. We’ve partnered up to give students and teachers free access to the best developer tools—for the school year and beyond. Work for a government-recognized nonprofit, association, or 501(c)(3)? Get a discounted Organization account on us.Starting Price: $7 per month -
5
Amazon Web Services (AWS)
Amazon
Whether you're looking for compute power, database storage, content delivery, or other functionality, AWS has the services to help you build sophisticated applications with increased flexibility, scalability and reliability. Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster. AWS has significantly more services, and more features within those services, than any other cloud provider–from infrastructure technologies like compute, storage, and databases–to emerging technologies, such as machine learning and artificial intelligence, data lakes and analytics, and Internet of Things. This makes it faster, easier, and more cost effective to move your existing applications to the cloud. -
6
Bitbucket
Atlassian
Bitbucket is more than just Git code management. Bitbucket gives teams one place to plan projects, collaborate on code, test, and deploy. Free for small teams under 5 and priced to scale with Standard ($3/user/mo) or Premium ($6/user/mo) plans. Keep your projects organized by creating Bitbucket branches right from Jira issues or Trello cards. Build, test and deploy with integrated CI/CD. Benefit from configuration as code and fast feedback loops. Approve code review more efficiently with pull requests. Create a merge checklist with designated approvers and hold discussions right in the source code with inline comments. Bitbucket Pipelines with Deployments lets you build, test and deploy with integrated CI/CD. Benefit from configuration as code and fast feedback loops. Know your code is secure in the Cloud with IP whitelisting and required 2-step verification. Restrict access to certain users, and control their actions with branch permissions and merge checks for quality code.Starting Price: $15 per month -
7
Snowflake
Snowflake
Snowflake is a comprehensive AI Data Cloud platform designed to eliminate data silos and simplify data architectures, enabling organizations to get more value from their data. The platform offers interoperable storage that provides near-infinite scale and access to diverse data sources, both inside and outside Snowflake. Its elastic compute engine delivers high performance for any number of users, workloads, and data volumes with seamless scalability. Snowflake’s Cortex AI accelerates enterprise AI by providing secure access to leading large language models (LLMs) and data chat services. The platform’s cloud services automate complex resource management, ensuring reliability and cost efficiency. Trusted by over 11,000 global customers across industries, Snowflake helps businesses collaborate on data, build data applications, and maintain a competitive edge.Starting Price: $2 compute/month -
8
Jenkins
Jenkins
The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. As an extensible automation server, Jenkins can be used as a simple CI server or turned into the continuous delivery hub for any project. Jenkins is a self-contained Java-based program, ready to run out-of-the-box, with packages for Windows, Linux, macOS and other Unix-like operating systems. Jenkins can be easily set up and configured via its web interface, which includes on-the-fly error checks and built-in help. With hundreds of plugins in the Update Center, Jenkins integrates with practically every tool in the continuous integration and continuous delivery toolchain. Jenkins can be extended via its plugin architecture, providing nearly infinite possibilities for what Jenkins can do. Jenkins can easily distribute work across multiple machines, helping drive builds, tests and deployments across multiple platforms faster. -
9
SonarQube Server
SonarSource
SonarQube Server is a self-managed solution for continuous code quality inspection that helps development teams identify and fix bugs, vulnerabilities, and code smells in real-time. It provides automated static code analysis for a variety of programming languages, ensuring the highest quality and security standards are maintained throughout the development lifecycle. SonarQube Server integrates seamlessly with existing CI/CD pipelines, offering flexibility for on-premise or cloud-based deployment. With advanced reporting features, it helps teams manage technical debt, track improvements, and enforce coding standards. SonarQube Server is ideal for organizations seeking full control over their code quality and security without compromising on performance. -
10
Selenium
Software Freedom Conservancy
Selenium automates browsers. That's it! What you do with that power is entirely up to you. Primarily it is for automating web applications for testing purposes, but is certainly not limited to just that. Boring web-based administration tasks can (and should) also be automated as well. If you want to create robust, browser-based regression automation suites and tests, scale and distribute scripts across many environments, then you want to use Selenium WebDriver, a collection of language specific bindings to drive a browser - the way it is meant to be driven. If you want to create quick bug reproduction scripts, create scripts to aid in automation-aided exploratory testing, then you want to use Selenium IDE; a Chrome and Firefox add-on that will do simple record-and-playback of interactions with the browser. If you want to scale by distributing and running tests on several machines and manage multiple environments from a central point. -
11
Snyk
Snyk
Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce. Snyk is recognized on the Forbes Cloud 100 2021, the 2021 CNBC Disruptor 50 and was named a Visionary in the 2021 Gartner Magic Quadrant for AST.Starting Price: $0 -
12
Oobeya
Oobeya
Oobeya is an engineering intelligence platform that helps software development teams accelerate their value delivery performance. Oobeya works with code repositories, issue tracking, testing, application performance monitoring (APM), and incident management tools to measure engineering metrics, like cycle time, lead time, sprint planning accuracy, pull request metrics, and value stream metrics (VSM), and DevOps DORA metrics. Oobeya's goal is to help software engineering teams to make a shift from an intuition-driven approach to a data-driven approach by plugging into the SDLC toolset. Oobeya connects to Git repositories like GitHub, GitLab, Bitbucket, Azure DevOps, issue tracking systems like Jira and Azure Boards, and CI/CD platforms like Github Actions, GitLab CI, Azure Pipelines, and Jenkins.Starting Price: $12 per dev / month -
13
Visual Studio
Microsoft
Visual Studio is Microsoft’s comprehensive integrated development environment (IDE) for .NET and C++ developers on Windows. It offers a rich set of tools including code editing, debugging, compiling, and graphical designers to enhance every stage of software development. With powerful AI-powered features like GitHub Copilot, it assists developers in generating, refactoring, and debugging code faster and more accurately. Visual Studio supports building applications for any platform or device, streamlining collaboration with real-time teamwork tools. It integrates advanced debugging tools such as memory analysis and root cause insights to catch issues early. Trusted by millions, Visual Studio accelerates productivity by combining developer control with intelligent assistance.Starting Price: $45/user/month -
14
Nucleus
Nucleus
Nucleus is redefining the vulnerability management software category as the single source of record for all assets, vulnerabilities, and associated data. We unlock the value you’re not getting from existing tools and place you squarely on the path to program maturity by unifying the people, processes, and technology involved in vulnerability management. With Nucleus, you receive unmatched visibility into your program and a suite of tools with functionality that simply can’t be replicated in any other way. Nucleus is the single shift-left tool that unifies development and security operations. It unlocks the value you’re not getting out of your existing tools and puts you on the path to unifying the people, processes, and technology involved in addressing vulnerabilities and code weaknesses. With Nucleus, you’ll get unmatched pipeline integration, tracking, triage, automation and reporting capabilities and a suite of tools with functionality.Starting Price: $10 per user per year -
15
Mend.io
Mend.io
Trusted by the world's leading companies, including IBM, Google, and Capital One, Mend.io's enterprise suite of application security tools is designed to help you build and manage a mature, proactive AppSec program. Mend.io understands the different AppSec requirements of developers and security teams. Unlike other AppSec solutions that force everyone to use a single tool, Mend.io helps them work in harmony by giving each team different, but complementary, tools - enabling them to stop chasing vulnerabilities and start proactively managing application risk.Starting Price: $1,000 per developer, per year -
16
Bugzilla
Bugzilla
Bugzilla is server software designed to help you manage software development. Optimized database structure for increased performance and scalability. Excellent security to protect confidentiality. Advanced query tool that can remember your searches. Integrated email capabilities. Editable user profiles and comprehensive email preferences. Comprehensive permissions system. Proven under fire as Mozilla's bug tracking system. A large number of companies, organizations, and projects use Bugzilla. This page showcases a few particularly high-profile or otherwise interesting installations, and also contains a list of public Bugzillas. Includes bug fixes and performance improvements only. No new features or large scale performance improvements. No database schema changes. May contain documentation changes. No changes to templates that aren't part of bug fix, other than typos or grammatical fixes. -
17
Azure DevOps Server
Microsoft
Share code, track work, and ship software using integrated software delivery tools, hosted on premisis. Use all the Azure DevOps services or just the ones you need to complement your existing workflows. Previously known as Team Foundation Server (TFS), Azure DevOps Server is a set of collaborative software development tools, hosted on-premises. Azure DevOps Server integrates with your existing IDE or editor, enabling your cross-functional team to work effectively on projects of all sizes. Azure DevOps Server is source code management software, and includes features such as access Controls/Permissions, bug tracking, build automation, change management, code review, collaboration, continuous integration, and version control.Starting Price: $6 per user per month -
18
Bamboo
Atlassian
Bamboo offers first-class support for the "delivery" aspect of continuous delivery. Deployment projects automate the tedium right out of releasing into each environment, while letting you control the flow with per-environment permissions.Starting Price: $10 for up to 10 jobs -
19
ThreadFix
Denim Group
ThreadFix 3.0 provides a comprehensive view of your risk from applications and their supporting infrastructure. Skip the spreadsheets and PDFs forever. From Application Security Managers to CISOs, ThreadFix helps increase efficiency across teams and provides powerful reporting to upper management. Explore the powerful benefits of ThreadFix, the industry leading application vulnerability management platform. Automatically consolidate, de-duplicate, and correlate vulnerabilities in applications to the infrastructure assets that support them using results from commercial and open source application and network scanning tools. Knowing which vulnerabilities exist is important, but it’s just a start. With ThreadFix, you will quickly spot vulnerability trends and make smart remediation decisions based on data in a centralized view. When vulnerabilities are discovered, it can be tough to go back and fix them.Starting Price: $2000 per month -
20
Phoenix Security
Phoenix Security
Phoenix Security enables security, developers, and businesses to all talk the same language. We help security professionals focus on the vulnerabilities that matter most across cloud, infrastructure, and application security. Laser focuses on the 10% of vulnerabilities that matter today, and reduces risk faster with prioritized contextualized vulnerabilities. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Aggregate, correlate and contextualize multiple security tools and data sources, providing your business with unprecedented visibility. Break down the silos between application security, operational security, and the business.Starting Price: $3,782.98 per month -
21
Black Duck
Black Duck
Black Duck, part of the Synopsys Software Integrity Group, is a leading provider of application security testing (AST) solutions. Their comprehensive portfolio includes tools for static analysis, software composition analysis (SCA), dynamic analysis, and interactive analysis, enabling organizations to identify and mitigate security vulnerabilities throughout the software development life cycle. By automating the discovery and management of open-source software, Black Duck ensures compliance with security and licensing standards. Their solutions are designed to help organizations build trust in their software by managing application security, quality, and compliance risks at the speed their business demands. Black Duck empowers businesses to innovate securely and deliver software with confidence. -
22
Gradle
Gradle
Gradle Inc. is the company behind the leading software solution for improving developer productivity and happiness called Develocity (formerly Gradle Enterprise) and the popular open-source Gradle Build Tool, which is downloaded over 30 million times a month. Gradle is also pioneering the emerging practice of Developer Productivity Engineering (DPE). Elite development teams from companies like Airbnb, LinkedIn, Microsoft, Nasdaq, and Netflix, practice DPE to deliver quality software more rapidly at scale. They achieve this by leveraging Develocity’s innovative build and test performance acceleration technologies and analytics to proactively improve the reliability of the developer toolchain and make failure troubleshooting more efficient. -
23
Harness
Harness
Harness is an AI-native software delivery platform that helps engineering teams achieve excellence by automating and streamlining the entire software delivery lifecycle. It enables continuous integration, continuous delivery, and GitOps for multi-cloud, multi-region deployments with increased speed and reliability. Harness simplifies infrastructure as code, database DevOps, and artifact management to improve collaboration and reduce errors. The platform offers AI-powered testing, incident response, chaos engineering, and feature management to enhance quality and resilience. Harness also provides cloud cost management, security testing orchestration, and developer insights to optimize performance and governance. Trusted by leading enterprises, Harness accelerates innovation while reducing manual effort and risk. -
24
SQUAD1
Talakunchi Networks
SQUAD1 VM is a Risk-Based Vulnerability Management and Orchestration Platform. Aggregates the Vulnerability data from various technology solutions, vulnerability scanners, and manual penetration testing assessments. Squad1 performs cyber risk quantification for all the vulnerability feed and these vulnerability insights with supporting risk scoring make the security team's life easier for quick actions. These insights are built with contextual information relating to the mitigation patterns from peer departments and past vulnerability identification trends supported by guided workflows to achieve a better security posture. Modules: 1. Audit Management 2. On-Demand Scanning 3. Asset Management 4. User/ Vendor Management 5. Report Management 6. Ticketing System The benefit of SQUAD1: 1. Automate Risk Identification 2. Faster Mitigation with Prioritization 3. Custom Enterprise Workflow 4. Visibility to Insightful Vulnerability Tracking -
25
HivePro Uni5
HivePro
The Uni5 platform elevates traditional vulnerability management to holistic threat exposure management by identifying your enterprises' likely cyber threats, fortifying your weakest controls, and eliminating the vulnerabilities that matter most to reduce your enterprise risks. Minimizing your threat exposure and outmaneuvering cybercriminals requires enterprises to know their terrain, and the attacker’s perspective well. HiveUni5 platform provides wide asset visibility, actionable threat, and vulnerability intelligence, security controls testing, patch management, and in-platform, cross-functional collaboration. Close the loop on risk management with auto-generated strategic, operational, and tactical reports. HivePro Uni5 supports over 27 well-known asset management, ITSM, vulnerability scanners, and patch management tools out of the box, allowing organizations to utilize their existing investments. -
26
Sonatype Nexus Repository
Sonatype
Sonatype Nexus Repository is a robust binary repository manager designed to store, manage, and distribute open-source components, dependencies, and artifacts across the software development lifecycle (SDLC). It supports over 20 formats, including Maven, npm, PyPI, and Docker, allowing for seamless integration with build tools and CI/CD pipelines. With advanced features like high availability, disaster recovery, and scalability across cloud platforms, Nexus Repository ensures secure and efficient management of your software artifacts. The platform enhances collaboration, automates workflows, and improves visibility into your software supply chain, helping teams manage dependencies and improve software quality. -
27
OpenText Software Delivery Management is a comprehensive platform designed to enhance the DevOps pipeline with integrated planning, continuous integration, test management, and release management capabilities. It enables Agile teams and DevOps toolchains to deliver high-quality software with end-to-end visibility, traceability, and actionable insights. The platform helps embed quality throughout the software delivery lifecycle, from ideation to release, aligning goals with key milestones. It supports transformation from traditional waterfall to scaled Agile and hybrid methodologies, allowing teams to evolve at their own pace. Automation at scale is achieved by managing thousands of continuous integration-driven tests and measuring automation effectiveness. This tool is ideal for organizations aiming to ensure continuous quality and streamline their software delivery process.
-
28
Swagger
SmartBear
Simplify API development for users, teams, and enterprises with the Swagger open source and professional toolset. Find out how Swagger can help you design and document your APIs at scale. The power of Swagger tools starts with the OpenAPI Specification — the industry standard for RESTful API design. Individual tools to create, update and share OpenAPI definitions with consumers. SwaggerHub is the platform solution to support OpenAPI workflows at scale. Swagger open source and pro tools have helped millions of API developers, teams, and organizations deliver great APIs. Swagger offers the most powerful and easiest to use tools to take full advantage of the OpenAPI Specification. -
29
CrowdStrike Container Security
CrowdStrike
Protect cloud-native applications and reduce the attack surface by detecting vulnerabilities, hidden malware, secrets/keys, compliance violations and more — from build to runtime — ensuring only compliant containers run in production.Integrate frictionless security early into the continuous integration/continuous delivery (CI/CD) pipeline, and automate protection that empowers DevSecOps to deliver production-ready applications without impacting build cycles.Build and run applications knowing they are protected. Get access to automated discovery, runtime protection, continuous threat detection and response for cloud workloads and containers, and managed cloud threat hunting in a single platform. Find hidden malware, embedded secrets, configuration issues and more in your images to help reduce the attack surface. -
30
Tromzo
Tromzo
Tromzo builds deep environmental and organizational context from code to cloud so you can accelerate the remediation of critical risks across the software supply chain. Tromzo accelerates the remediation of risks at every layer from code to cloud. We do this by building a prioritized risk view of the entire software supply chain with context from code to cloud. This context helps our users understand which few assets are critical to the business, prevent risks from being introduced to those critical assets, and automate the remediation lifecycle of the few issues that truly matter. Contextual software asset inventory (code repos, software dependencies, SBOMs, containers, microservices, etc.), so you know what you have, who owns them, and which ones are important to the business. Understand the security posture for every team with SLA compliance, MTTR, and other custom KPIs, so you can drive risk remediation and accountability across the organization.