SonarQube Review

Free, scalable, but documentation needs improvement

What is our primary use case?

I use this solution for our staging environment to review the security issues before going live or into production.

What needs improvement?

I have found this solution creates more noise than competitors. 

The documentation and reporting extract can improve because other solutions are far more advanced.

For how long have I used the solution?

I have been using this solution for approximately two years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable. However, we do not use it as a SaaS solution, we use it for our staging environment at a minimum scale. 

We have approximately 10 people using this solution in my organization.

Which solution did I use previously and why did I switch?

Previously I worked with Fortify and Veracode and I have found those tools provided much better because they are from a commercial solution.

What about the implementation team?

Our development team did the implementation of this solution.

What's my experience with pricing, setup cost, and licensing?

This solution is free.

What other advice do I have?

My advice to others is this solution is one of the best in the free market in the industry and it is a good one to use.

I rate SonarQube a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

Which version of this solution are you currently using?

Latest version
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More SonarQube reviews from users
...who work at a Financial Services Firm
...who compared it with Veracode
Learn what your peers think about SonarQube. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
511,521 professionals have used our research since 2012.
Add a Comment
ITCS user