SonarQube Review

Good static code analysis but it's not stable and the installation is not user-friendly


What is our primary use case?

We use it for the static analysis of the source code to find issues or vulnerabilities.

What is most valuable?

The static code analysis is very good. In the banking sector, we have found several vulnerabilities and many issues in the source code.

What needs improvement?

If you don't have any experience with the configuration or how to configure the files, it can be complicated. The installation needs to be more user-friendly, as well as the interface, which could be more user-friendly.

For how long have I used the solution?

I use the full trial version of SonarQube. I have been using the latest version of SonarQube for six months.

What do I think about the stability of the solution?

There are issues with stability. It needs improvement.

We have four members in our organization who are using this solution.

What do I think about the scalability of the solution?

I am not able to evaluate the scalability. Once we go with the Enterprise version, we will know after three months, how efficient and scalable it is with large applications.

How are customer service and technical support?

I have not contacted technical support.

How was the initial setup?

The initial setup is straightforward. This solution is easy to install. It only takes five minutes.

We require a team of five to deploy and maintain it.

What about the implementation team?

I completed the installation myself.

Which other solutions did I evaluate?

We are also evaluating Acunetix and will know what direction we want to go in the next few weeks.

Based on the testing, Acunetix offers something different. Acunetix has many features that are not found in SonarQube.

What other advice do I have?

The enterprise version comes with many features. I have not been able to test it all because I am using the evaluation version. After three months of using this solution, I will have a better understanding of it.

We plan to continue using SonarQube. Some feel that it is unfair to compare SonarQube with other solutions as it has so many features.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises

Which version of this solution are you currently using?

Trial
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More SonarQube reviews from users
...who work at a Computer Software Company
...who compared it with Fortify Application Defender
Learn what your peers think about SonarQube. Get advice and tips from experienced pros sharing their opinions. Updated: August 2021.
535,919 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest