We performed a comparison between Acunetix and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"The solution is highly stable."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"Our developers can run the attacks directly from their environments, desktops."
"Overall, it's a very good tool and a very good engine."
"We have the software metrics that SonarQube gives us, which is something we did not have before. This helps us work towards aiming coding standards to empower us to move in the direction of better code quality. SonarQube provides targets and metrics for that."
"The most valuable features are code scanning and Quality Gates."
"There are many options and examples available in the tool that help us fix the issues it shows us."
"SonarQube is one of the more popular solutions because it supports 29 languages."
"SonarQube: Recording of issues over a period of time, with an indication of the addition in the new issues or the reduction of existing issues (which were fixed)."
"I like that it has a better dashboard compared to Clockwork. It's also stable."
"SonarQube is admin friendly."
"Apart from the security point of view, I like that it makes it easy to detect code smells and other issues in terms of code quality and standards."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"The pricing is a bit on the higher side."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"We did have some trouble with the LDAP integration for the console."
"If there was an official Docker image of SonarQube that could easily integrate into the pipeline would help the user to plug in and plug out and use it directly without any custom configuration. I am not sure if this is being offered already in an update but it would be very helpful."
"Having performance regression would be a helpful add on or ability to be able to do during the scan."
"I would like to see more options for security, beyond the basics like SQL injection."
"A better design of the interface and add some new rules."
"SonarQube's detail in the security could be improved. It may be helpful to have additional details, with regards to Oracle PL/SQL. For example, it's neither as built nor as thorough as Java. For now, this is the only additional feature I would like to see."
"There are limitations to the free version that limit development options as far as languages."
"The handling of the contents of Docker container images could be better."
Acunetix is ranked 17th in Application Security Tools with 26 reviews while SonarQube is ranked 1st in Application Security Tools with 112 reviews. Acunetix is rated 7.6, while SonarQube is rated 8.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Tenable Nessus, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and GitHub Advanced Security. See our Acunetix vs. SonarQube report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.