We performed a comparison between ShiftLeft and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."When it comes to ShiftLeft, the most valuable feature is definitely its ease of use and cost-effectiveness."
"This solution has the capability to analyze source code in almost all the languages in the market."
"The most valuable features are that it is user-friendly, easy to access, and they provide good training files."
"We consider it a handy tool that helps to resolve our issues immediately."
"I like that it covers most programming languages for source code review."
"The fact that the solution does security scanning is valuable."
"The most valuable features are the wide array of languages, multiple languages per project, the breakdown of bugs, and the description of vulnerabilities and code smells (best practices)."
"All the features of the solution are quite good."
"Before you even compile, it can catch known vulnerability issues or patterns."
"Having support from senior management is crucial in making it mandatory for teams to collaborate with the security team throughout the development process."
"If you don't have any experience with the configuration or how to configure the files, it can be complicated."
"Dynamic scanning is missing and there are some issues with security scanning."
"A better design of the interface and add some new rules."
"The solution is a bit lacking on the security side, in terms of finding and identifying vulnerabilities."
"The handling of the contents of Docker container images could be better."
"The security in SonarQube could be better."
"Lacks sufficient visibility and documentation."
"I would like to see more options for security, beyond the basics like SQL injection."
ShiftLeft is ranked 26th in Application Security Tools with 1 review while SonarQube is ranked 1st in Application Security Tools with 110 reviews. ShiftLeft is rated 10.0, while SonarQube is rated 8.0. The top reviewer of ShiftLeft writes "Effectively in identify and fix bugs early in the development lifecycle". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". ShiftLeft is most compared with Black Duck and Semgrep Supply Chain, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.