We performed a comparison between Digital.ai Application Security and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."I used the tool to prepare for the interview as a Business Developer. It helped me improve my understanding on software security."
"SonarQube: Recording of issues over a period of time, with an indication of the addition in the new issues or the reduction of existing issues (which were fixed)."
"The software quality gate streamlines the product's quality."
"The depth features I have found most valuable. You receive a quick comprehensive comparison overview regarding the current release and the last release and what type of depths dependency or duplication should be used. This is going to help you to make a more readable code and have more flexibility for the engineers to understand how things should work when they do not know."
"I like the by-default policies that are they, as they seem to cover most of what I need."
"Issue Explanations: Documentation with detailed samples. Helps in growing technical knowledge and re-writing logic to conforming solutions."
"This solution is simple to use and can be quickly deployed."
"Integrate it into the developers' workbench so that they can bench check their code against what will be done in the server-based audit version."
"I follow Quality Gate's graduation model within organization, and it is extremely helpful for me to benchmark products."
"I would like the tool to integrate AI and automation that is dedicated to detecting software vulnerabilities."
"The time it took for me to do the whole process was approximately two hours because I had to download, read the documentation, and do the configurations."
"The product's pricing could be lower."
"SonarQube could be improved with more dynamic testing—basically, now, it's a static code analysis scan. For example, when the developer writes the code and does the corresponding unit test, he can cover functional and non-functional. So the SonarQube could be improved by helping to execute unit tests and test dynamically, using various parameters, and to help detect any vulnerabilities. Currently, it'll just give the test case and say whether it passes or fails—it won't give you any other input or dynamic testing. They could use artificial intelligence to build a feature that would help developers identify and fix issues in the early stages, which would help us deliver the product and reduce costs. Another area with room for improvement is in regard to automating things, since the process currently needs to be done manually."
"SonarQube's detail in the security could be improved. It may be helpful to have additional details, with regards to Oracle PL/SQL. For example, it's neither as built nor as thorough as Java. For now, this is the only additional feature I would like to see."
"An improvement is with false positives. Sometimes the tool can say there is an issue in your code but, really, you have to do things in a certain way due to external dependencies, and I think it's very hard to indicate this is the case."
"The implementation of the solution is straightforward. However, we did have some initial initialization issues at the of the projects. I don't think it was SonarQube's fault. It was the way it was implemented in our organization because it's mainly integrated with many software, such as Jira, Confluence, and Butler."
"There isn't a very good enterprise report."
"I would like to see dynamic code analysis in the next version of the software."
Digital.ai Application Security is ranked 36th in Application Security Tools with 1 review while SonarQube is ranked 1st in Application Security Tools with 108 reviews. Digital.ai Application Security is rated 6.0, while SonarQube is rated 8.0. The top reviewer of Digital.ai Application Security writes "Helps to improve knowledge on software security ". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Digital.ai Application Security is most compared with PortSwigger Burp Suite Professional and Fortify Application Defender, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.