OpenText Core Application Security (Fortify) is a cloud-based application security testing service that provides multiple security testing methodologies without requiring on-premises infrastructure. The platform offers static application security testing (SAST), dynamic application security testing (DAST), mobile application security testing (MAST), software composition analysis (SCA), and interactive application security testing (IAST) capabilities. The service integrates into DevOps pipelines and development tool chains to enable continuous security testing throughout the software development lifecycle. It supports automated scanning of web applications, mobile apps, and APIs, generating detailed vulnerability reports categorized by criticality to help prioritize remediation efforts. The platform includes application security posture management features for tracking and managing security across multiple applications. It provides continuous monitoring capabilities that automatically scan codebases as they evolve to identify new vulnerabilities. The service includes training and educational resources for development and security teams. OpenText Core Application Security is delivered as a managed service with 24/7 support and includes security expert assessments for vulnerability remediation. The platform maintains FedRAMP certification for government use and regularly updates its rule packs to detect the latest vulnerabilities, including risks from AI-generated code.