We performed a comparison between Apiiro and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The workflow automation is likely the best aspect of the solution."
"Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"The solution's user interface is very user-friendly."
"All the features of the solution are quite good."
"It easily ties into our continuous integration pipeline."
"It automatically scans for code, detects vulnerabilities, and generates daily reports."
"The most valuable features are the dashboard, the ability to drill down to the code, user-friendly, and the technical debt estimation."
"The integrations SonarQube provides with our software delivery pipeline are very seamless."
"Provides local scanning for developers."
"Improve the code coverage and evaluates the technical steps and percentage of code being resolved."
"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"User management is a little bit clunky."
"The scanning part could be improved in SonarQube. We have used Coverity for scanning, and we have the critical issues reported by Coverity. When we used SonarQube for scanning and looked at the results, it seems that some of them have incorrect input. This part can be improved for C and C++ languages."
"SonarQube could improve by adding automatic creation of tasks after scanning and more support for the Czech language."
"We could use some team support, but since we are using the community version, it's not available."
"SonarQube's detail in the security could be improved. It may be helpful to have additional details, with regards to Oracle PL/SQL. For example, it's neither as built nor as thorough as Java. For now, this is the only additional feature I would like to see."
"The product's user documentation can be vastly improved."
"This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced."
"The time it took for me to do the whole process was approximately two hours because I had to download, read the documentation, and do the configurations."
"I think the code security can be improved."
Apiiro is ranked 21st in Static Application Security Testing (SAST) with 2 reviews while SonarQube is ranked 1st in Static Application Security Testing (SAST) with 110 reviews. Apiiro is rated 8.6, while SonarQube is rated 8.0. The top reviewer of Apiiro writes "A great secrets detection feature, good visibility, and integrates well". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Apiiro is most compared with Snyk, Ox Security, Cycode, Semgrep Supply Chain and Checkmarx One, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Apiiro vs. SonarQube report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.