We performed a comparison between SonarQube and Tenable.io Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The fact that the solution does security scanning is valuable."
"The most valuable feature of this solution is that it is free."
"The most valuable features are the dashboard, the ability to drill down to the code, user-friendly, and the technical debt estimation."
"There are many options and examples available in the tool that help us fix the issues it shows us."
"I like that it helps us maintain our work quality and code security."
"It is an easy tool that you can deploy and configure. After that you can measure the history of your obligation and integrate it with other tools like GitLab or GitHub or Azure DevOps to do quality code analysis."
"Issue Explanations: Documentation with detailed samples. Helps in growing technical knowledge and re-writing logic to conforming solutions."
"The static code analysis of the solution is the most important aspect for us. When it comes to security breaches within the code, we can leverage some rules to allow us to identify the repetition in our code and the possible targets that we may have. It makes it very easy to review our code for security purposes."
"All the features are valuable to us as they offer cutting-edge scanning methods and address the latest issues with a contemporary approach. Tenable.io Web Application Scanning is highly stable. I rate it a nine out ten. Since the solution works on the Cloud, it's highly scalable. I rate the scalability a nine out of ten. The setup of the solution is straightforward. The Return on Investment is substantial. I recommend the solution to all."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"Tenable.io Web Application Scanning is very easy to use."
"It collects the vulnerabilities on the hostnames and sends them to the Tenable.io cloud. Tenable has its own cloud where Tenable.io is running, but there are many connectors to other cloud solutions. Tenable can do vulnerability scanning for other cloud managers such as Azure, Amazon, and so on."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"It is fully automated."
"The most valuable features of Tenable.io Web Application Scanning are the integration into specific use cases and scanning. All of the features of the solution are useful."
"Ease of use/interface."
"A better design of the interface and add some new rules."
"We had some issues where the Quality Gate check sometimes gets stuck and it is unclear."
"The product provides false reports sometimes."
"Currently requires multiple tools, lacking one overall tool."
"The BPM language is important and should be considered in SonarQube."
"Monitoring is a feature that can be improved in the next version."
"We found a solution with dynamic testing, and are looking to find a solution that can be used for both types of testing."
"The solution's dashboards could be improved and made more user-friendly."
"The platform's technical support services could be better."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
"The dashboard could be more user-friendly."
"The technical support should be improved. Currently, some attacks are detected while others are not."
"The cloud and the on-premises versions have their own controllers, and there is no way to centrally manage controllers."
More Tenable.io Web Application Scanning Pricing and Cost Advice →
SonarQube is ranked 1st in Application Security Tools with 112 reviews while Tenable.io Web Application Scanning is ranked 24th in Application Security Tools with 14 reviews. SonarQube is rated 8.0, while Tenable.io Web Application Scanning is rated 7.6. The top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". On the other hand, the top reviewer of Tenable.io Web Application Scanning writes "Highly Recommended Solution with Latest Scanning Methods". SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and GitHub Advanced Security, whereas Tenable.io Web Application Scanning is most compared with Acunetix, Qualys Web Application Scanning, Fortify on Demand, PortSwigger Burp Suite Professional and Invicti. See our SonarQube vs. Tenable.io Web Application Scanning report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.