We performed a comparison between Acunetix and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"Overall, it's a very good tool and a very good engine."
"Our developers can run the attacks directly from their environments, desktops."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"This solution is simple to use and can be quickly deployed."
"The good thing with SonarQube is it covers a lot of issues, it's a very robust framework."
"It is working fine. It provides a good value for money."
"It is a good deal compared to all other tools on the market."
"I like that it's easy to navigate not just in terms of code findings but you can actually see them in the context of your source code because it gives you a copy of your code with the items that it found and highlights them. You can see it directly in your code, so you can easily go back and make the corrections in the code. It basically finds the problems for you and tells you where they are."
"We consider it a handy tool that helps to resolve our issues immediately."
"We've configured it to run on each commit, providing feedback on our software quality. ]"
"Can tweak rules and feed them into our build pipelines."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"Acunetix needs to improve its cost."
"There's a clear need for a reduction in pricing to make the service more accessible."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"While we do have it integrated with other solutions, it could still offer more integrations."
"The solution's pricing could be better."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"We had some issues where the Quality Gate check sometimes gets stuck and it is unclear."
"Expression of common vulnerabilities and exposures is not always current."
"Ease of use/interface."
"There is no automation. You need to put the code there and test. You then pull the results and put them back in the development environment. There is no integration with the development environment. We would like it to be integrated with our development environment, which is basically the CI/CD pipeline or the IDE that we have."
"A robust credential scanner would be a huge bonus as it would remove the need for yet another niche product."
"There could be better integration with other products."
"I would like to see improvements in defining the quality sets of rules and the quality to ensure code with low-performance does not end up in production."
"Lacks sufficient visibility and documentation."
Acunetix is ranked 17th in Application Security Tools with 26 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Acunetix is rated 7.6, while SonarQube is rated 8.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Qualys Web Application Scanning, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Acunetix vs. SonarQube report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.