We performed a comparison between Seeker and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
"SonarQube is good in terms of code review and to report on basic vulnerabilities in your applications."
"The most valuable features are the dashboard reports and the ease of integrating it with Jenkins."
"Engineers have also learned from the results and have improved themselves as engineers. This will help them with their careers."
"We consider it a handy tool that helps to resolve our issues immediately."
"It is working fine. It provides a good value for money."
"The product itself has a friendly UI."
"Any developer can easily identify issues using the process flow or steps provided by SonarQube. In terms of integration, SonarQube makes it quite easy, simplifying the steps for users."
"SonarQube is a fantastic tool which saves us precious time."
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
"The solution could improve by having better-consulting services."
"One thing to improve would be the integration. There is a steep learning curve to get it integrated."
"There isn't a very good enterprise report."
"There are sometimes security breaches in our code, which aren't be caught by SonarQube. In the security area, SonarCube has to improve. It needs to better compete with other products."
"I am not very pleased with the technical debt computation."
"It should be user-friendly."
"During the setup process, we only had one issue related to the number of available files. To perform the analysis, you have quite a lot of available file handles, so we had to increase that limit."
"If there was an official Docker image of SonarQube that could easily integrate into the pipeline would help the user to plug in and plug out and use it directly without any custom configuration. I am not sure if this is being offered already in an update but it would be very helpful."
Seeker is ranked 24th in Static Application Security Testing (SAST) with 1 review while SonarQube is ranked 1st in Static Application Security Testing (SAST) with 112 reviews. Seeker is rated 7.0, while SonarQube is rated 8.0. The top reviewer of Seeker writes "More effective than dynamic scanners, but is missing useful learning capabilities". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Seeker is most compared with Synopsys API Security Testing, Coverity, Contrast Security Assess, Polaris Software Integrity Platform and Checkmarx One, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
