We performed a comparison between Check Point CloudGuard WAF and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool's most valuable feature is AI, which makes operations easier. Moreover, it is easy to deploy."
"With the solution, we managed to obtain complete comprehensive visibility of the entire environment in the cloud, thus having better control of each of the resources."
"The solution offers continuous security monitoring and alerting, which can help organizations detect and respond to security incidents in real time."
"The most effective CloudGuard feature for threat prevention is its web app protection."
"They offer free trials, which is quite appreciative and grabs more attention from new users and businesses."
"It helps us streamline our revenue streams, and we're spending less money on application security."
"The first valuable feature is that it is not a complex process to get it up and running. It was not complex at all. We were in a close relationship with the team that developed the app, and it worked in a few hours. The second valuable feature is the information that comes out of it."
"On the endpoint side, the most valuable feature is undoubtedly the cloud-based management capability, along with the ransomware protection, despite not encountering any instances so far."
"This solution is simple to use and can be quickly deployed."
"This has improved our organization because it has helped to find Security Vulnerabilities."
"We can create a Quality Gate in order to fail Jenkins jobs where the code coverage is lower than the set percentage."
"It helps our developers work more efficiently as we can identify things in a code prior to it being pushed to where it needs to go."
"The product is simple."
"The most valuable feature is the security hotspot feature that identifies where your code is prone to have security issues."
"The most valuable features are the segregation containment and the suspension of product services."
"The software quality gate streamlines the product's quality."
"A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection."
"There are occasions when it interfaces with other systems, leading to a loss of visibility."
"I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service."
"I advise proactive threat detection intelligence offline, which can also help monitor and ensure system checks and compliances are in place."
"The documentation needs to be updated, more improved, and simplified... so that even a beginner can start with this application. It can make things more beginner-friendly."
"We would like the solution to be more economical since it is not accessible to all clients."
"I would like to be able to integrate the theme of Artificial Intelligence to help review issues and to monitor and view the security issue while also suggesting and interpreting and additionally configuring solutions - basically, acting as an interpreter."
"We would like to have a solution of this type for the administration of applications from mobile devices."
"You may need to purchase add-ons to get the useability you desire."
"If I configure a project in SonarQube, it generates a token. When we're compiling our code with SonarQube, we have to provide the token for security reasons. If IP-based connectivity is established with the solution, the project should automatically be populated without providing any additional token. It will be easy to provide just the IP address. It currently supports this functionality, but it makes a different branch in the project dashboard. From the configuration and dashboard point of view, it should have some transformations. There can be dashboard integration so that we can configure the dashboard for different purposes."
"A robust credential scanner would be a huge bonus as it would remove the need for yet another niche product."
"We could use some team support, but since we are using the community version, it's not available."
"There are limitations to the free version that limit development options as far as languages."
"Having performance regression would be a helpful add on or ability to be able to do during the scan."
"Their dashboarding is very limited. They can improve their dashboards for multiple areas, such as security review, maintainability, etc. They have all this information, so they should publish all this information on the dashboard so that the users can view the summary and then analyze it further. This is something that I would like to see in the next version."
"The implementation of the solution is straightforward. However, we did have some initial initialization issues at the of the projects. I don't think it was SonarQube's fault. It was the way it was implemented in our organization because it's mainly integrated with many software, such as Jira, Confluence, and Butler."
Check Point CloudGuard WAF is ranked 11th in Application Security Tools with 30 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Check Point CloudGuard WAF is rated 9.0, while SonarQube is rated 8.0. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Check Point CloudGuard WAF is most compared with Checkmarx One, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Check Point CloudGuard WAF vs. SonarQube report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.