CodeSonar Overview

CodeSonar is the #18 ranked solution in our list of application security tools. It is most often compared to SonarQube.

What is CodeSonar?

GrammaTech enables organizations to develop software applications more efficiently, on-budget, and on-schedule by helping to eliminate harmful defects that can cause system failures, enable data breaches, and ultimately increase corporate liabilities in today’s connected world. GrammaTech is the developer of CodeSonar, the most powerful source and binary code analysis solution available today. Extraordinarily precise, CodeSonar finds, on average, 2 times more serious defects in software than other static analysis solutions. Designed for organizations with zero tolerance for defects and vulnerabilities in their applications, CodeSonar provides static analysis for applications where reliability and security are paramount - widely used by software developers in avionics, medical, automotive, industrial control, and other mission-critical applications. Some of GrammaTech's customers include Toyota, GE, Hyundai, Kawasaki, LG, Lockheed Martin, NASA, Northrop Grumman, Panasonic, and Samsung.

CodeSonar Buyer's Guide

Download the CodeSonar Buyer's Guide including reviews and more. Updated: February 2021

CodeSonar Customers
Viveris, Micrel Medical Devices, Olympus, SOFTEQ, SONY

Pricing Advice

What users are saying about CodeSonar pricing:
  • "Pricing is a bit costly."

CodeSonar Reviews

Senior Solutions Architect at a tech vendor with 1-10 employees
Real User
Jun 16, 2019
Catches critical code defects at the source code level

What is our primary use case?

We use this for catching some of the critical defects at the source code level for C and C++ code.

Pros and Cons

  • "The tool is very good for detecting memory leaks."
  • "The scanning tool for core architecture could be improved."

What other advice do I have?

I would suggest trying out automated tools along with CodeSonar on your project, and you will find out that CodeSonar reports many more defects compared to other static analysis tools, so this is a very important tool. I would rate CodeSonar as nine out of ten.