We performed a comparison between Digital.ai Application Security and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."I used the tool to prepare for the interview as a Business Developer. It helped me improve my understanding on software security."
"This has improved our organization because it has helped to find Security Vulnerabilities."
"The solution offers a very good community edition."
"SonarQube: Recording of issues over a period of time, with an indication of the addition in the new issues or the reduction of existing issues (which were fixed)."
"We are using the Community edition. So, we don't have to incur any licensing costs. This is the best part."
"The good thing with SonarQube is it covers a lot of issues, it's a very robust framework."
"We have worked with the support from SonarQube and we have had good experiences."
"Can tweak rules and feed them into our build pipelines."
"The most valuable features are that it is user-friendly, easy to access, and they provide good training files."
"I would like the tool to integrate AI and automation that is dedicated to detecting software vulnerabilities."
"We had some issues scanning the master branch but when we upgraded to version 7.9 we noticed it does scan the master branch but we had to do a workaround for it to happen. This process could be improved in a future release."
"For improvement, this solution could be offered on Docker and the cloud and the support for this solution could be improved. Customizing rules could also be made simpler."
"SonarQube could improve its static application security testing as per the industry standard."
"The solution could improve by providing more advanced technologies."
"This solution finds issues that are similar to what is found by Checkmarx, and it would be nice if the overlap could be eliminated."
"The product's pricing could be lower."
"The reporting is good, but I am not able to download a specific report as a PDF, so downloading reports is something that should be looked at."
"We also use Fortify, which is another tool to find security errors. Fortify is a better security tool. It is better than SonarQube in finding errors. Sometimes, SonarQube doesn't find some of the errors that Fortify is able to find. Fortify also has a community, which SonarQube doesn't have. Its installation is a little bit complex. We need to install a database, install the product, and specify the version of the database and the product. They can simplify the installation and make it easier. We use docker for the installation because it is easier to use. Its dashboard needs to be improved. It is not intuitive. It is hard to understand the interface, and it can be improved to provide a better user experience."
Digital.ai Application Security is ranked 36th in Application Security Tools with 1 review while SonarQube is ranked 1st in Application Security Tools with 108 reviews. Digital.ai Application Security is rated 6.0, while SonarQube is rated 8.0. The top reviewer of Digital.ai Application Security writes "Helps to improve knowledge on software security ". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Digital.ai Application Security is most compared with PortSwigger Burp Suite Professional and Fortify Application Defender, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.