SonarQube Review

A stable solution for analysis and security vulnerability checking


What is our primary use case?

We use SonarQube to scan our security protection.

What is most valuable?

It is a very good tool for analysis and security vulnerability checking.

What needs improvement?

The scanning part could be improved in SonarQube. We have used Coverity for scanning, and we have the critical issues reported by Coverity. When we used SonarQube for scanning and looked at the results, it seems that some of them have incorrect input. This part can be improved for C and C++ languages.

For how long have I used the solution?

I have been using this solution for a couple of weeks.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

We haven't evaluated its scalability.

How are customer service and technical support?

I just use our internal IT to get support for SonarQube. That is enough for me.

Which solution did I use previously and why did I switch?

We were previously using Coverity. We used it for three years or so.

How was the initial setup?

We just use the Enterprise SonarQube instance provided by our company.

What other advice do I have?

I would recommend this solution. I would rate SonarQube an eight out of ten.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More SonarQube reviews from users
...who work at a Computer Software Company
...who compared it with Fortify Application Defender
Learn what your peers think about SonarQube. Get advice and tips from experienced pros sharing their opinions. Updated: August 2021.
535,919 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest