We performed a comparison between Apiiro and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"The workflow automation is likely the best aspect of the solution."
"The good thing with SonarQube is it covers a lot of issues, it's a very robust framework."
"We use this solution for qualitative coding. We make use of the SonarLint plugin as well as the dashboard."
"The solution is stable."
"The product is simple."
"We are using the Community edition. So, we don't have to incur any licensing costs. This is the best part."
"It is a very good tool for analysis and security vulnerability checking."
"The most valuable feature of this solution is that it is free."
"I follow Quality Gate's graduation model within organization, and it is extremely helpful for me to benchmark products."
"User management is a little bit clunky."
"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"The documentation is not clear and it needs to be updated."
"I find it is light on the security side."
"We have tens of millions of code to be analyzed and processed. There can be some performance degradation if we are applying Sonar Link to large code or code that is complex. When the code had to be analyzed is when we ran into the main issues. There were several routines involved to solve those performance issues but this process should be improved."
"The BPM language is important and should be considered in SonarQube."
"You may need to purchase add-ons to get the useability you desire."
"In terms of what can be improved, the areas that need more attention in the solution are its architecture and development."
"It would be a great add-on if SonarQube could update its database for vulnerabilities or plugging parts."
"There is no automation. You need to put the code there and test. You then pull the results and put them back in the development environment. There is no integration with the development environment. We would like it to be integrated with our development environment, which is basically the CI/CD pipeline or the IDE that we have."
Apiiro is ranked 21st in Application Security Testing (AST) with 2 reviews while SonarQube is ranked 1st in Application Security Testing (AST) with 110 reviews. Apiiro is rated 8.6, while SonarQube is rated 8.0. The top reviewer of Apiiro writes "A great secrets detection feature, good visibility, and integrates well". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Apiiro is most compared with Snyk, Cycode, Ox Security, Checkmarx One and Semgrep Supply Chain, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Apiiro vs. SonarQube report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.