How does OpenText SAST 26.2 improve CI/CD security?

OpenText SAST 26.2 improves CI/CD security by aligning static analysis with current build tools such as MSBuild and xcodebuild. This allows development teams to keep security gates active during platform upgrades. Merito helps enterprises integrate OpenText SAST into Jenkins, Azure DevOps, GitHub, and other enterprise CI/CD environments with policy automation and centralized governance.

What languages are supported in OpenText SAST 26.2?

OpenText SAST 26.2 supports updated versions of C++, Kotlin, Swift, and PHP. It also expands AI-powered support for COBOL and Fortran. This broadens coverage across modern and legacy applications. Merito helps enterprises assess language compatibility, design rollout plans, and optimize scanning policies across mixed technology portfolios.

How does OpenText SAST help with software supply chain security?

OpenText SAST helps software supply chain security by identifying vulnerabilities in source code before software reaches release stages. Consistent static analysis reduces exposure to exploitable flaws across internal and customer-facing applications. Merito helps organizations integrate SAST into broader DevSecOps programs alongside SCA, DAST, and policy-driven release governance.

Who can help buy, implement, and renew OpenText SAST?

Merito is a value-added partner that helps enterprises evaluate, buy, implement, optimize, and renew OpenText SAST. Merito combines licensing expertise with deep technical services across DevSecOps, application security, and enterprise SDLC transformation. This helps customers move from tool purchase to measurable business outcomes.

OpenText Fortify SAST 26.2 features and enterprise impact

OpenText

OpenText SAST 26.2: Enterprise AppSec Updates That Improve Scan Coverage And Release Control

OpenText SAST 26.2 adds support for modern languages, AI-powered static analysis, and updated enterprise build environments.

April 21, 2026By Chris Carpenter

Back to product release updates

OpenText SAST 26.2: Why this release matters for enterprise AppSec and software delivery

OpenText SAST 26.2 focuses on a practical requirement for large software organizations: security tools must keep pace with the platforms and languages development teams already use. When security scanners fall behind engineering standards, release pipelines slow down, governance gaps appear, and risk reporting loses credibility.

This release is important because it strengthens three enterprise priorities:

Coverage across modern and legacy technology stacks
Consistent policy enforcement in CI/CD
Better evidence for audits and security reviews

For engineering leaders, these updates affect more than AppSec. They influence delivery velocity, platform modernization, and board-level software supply chain risk reporting.

Why platform compatibility matters to enterprise teams

Enterprise application portfolios rarely run on a single stack. Most organizations operate a mix of cloud-native applications, mobile platforms, and legacy systems. Security tools need to support all of them without forcing exceptions.

OpenText SAST 26.2 adds support for newer operating systems and build environments. This includes support for current Windows Server and macOS environments used in enterprise build farms.

This matters because:

Security teams can standardize secure build runners
Platform teams can retire unsupported analysis hosts
Audit teams can validate that security controls run on approved infrastructure

For regulated industries, unsupported security infrastructure creates governance exposure. A scanner that only runs on older nodes often becomes an audit exception.

Frequently Asked Questions

OpenText SAST 26.2 includes updated support for modern operating systems, newer programming languages, expanded AI-powered static analysis, and improved scan policy filtering. These updates help enterprises maintain application security coverage across modern software delivery environments. Merito helps organizations implement OpenText SAST upgrades with CI/CD integration, governance workflows, and validation plans that reduce operational disruption during rollout.

OpenText SAST 26.2 supports current build tools, modern programming languages, and improved analysis accuracy. Enterprises benefit from stronger release governance, improved security scan consistency, and reduced toolchain compatibility issues. Merito supports upgrade planning, implementation, and renewal services for OpenText SAST so security teams can adopt new capabilities without affecting delivery timelines or compliance controls.

OpenText SAST 26.2 expands AI-powered static analysis and supports GPT-5 compatible models through Azure and OpenAI environments. This allows enterprises to extend static analysis across more languages while applying enterprise-approved AI controls. Merito helps organizations implement AI-powered SAST with governance frameworks, audit evidence, and policy controls suited for regulated software delivery.

The best implementation approach includes pipeline integration, policy standardization, and phased onboarding across application portfolios. Enterprises often start with high-risk applications and expand to broader business units. Merito acts as the value-added partner of choice for OpenText SAST procurement, implementation, optimization, and renewal across complex software delivery organizations.

OpenText SAST is widely used in regulated industries including banking, healthcare, government, and manufacturing because it supports audit-ready evidence and policy enforcement. Security findings can be tied to release records and compliance workflows. Merito helps regulated enterprises design AppSec operating models that align OpenText SAST with compliance frameworks, audit expectations, and executive reporting.

OpenText SAST 26.2: Enterprise AppSec Updates That Improve Scan Coverage And Release Control

Related Product Release Updates

Checkmarx One 3.54 Update: Stronger Application Security Governance And CI/CD Integration

Semgrep February 2026 Update: Improving Enterprise Application Security Operations

OpenText AQM Octane 26.1: Enterprise Test Management With Governance And Speed

Previous and Next Product Release Updates

Black Duck Coverity 2026.3.0: Better Automation, Stronger Governance, And Smarter AppSec Operations

Sonatype IQ Server 202 and 202.1: What Enterprise DevSecOps Teams Should Know About Container Governance