ERPScan SMART Cybersecurity Platform vs SonarQube Comparison 2024

ERPScan SMART Cybersecurity Platform

SonarQube

ERPScan SMART Cybersecurity Platform

Read 1 ERPScan SMART Cybersecurity Platform review

143 views|60 comparisons

SonarQube

Read 110 SonarQube reviews

53,062 views|42,321 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Application Security Tools

April 2024

Executive Summary

We performed a comparison between ERPScan SMART Cybersecurity Platform and SonarQube based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.

To learn more, read our detailed Application Security Tools Report (Updated: April 2024).

Download the complete report

770,292 professionals have used our research since 2012.

Featured Review

TundeOgunkoya

Consulting Partner, Cyber Security Delivery - Africa at DeltaGRiC Consulting

Good core scanning, a helpful GDPR assessment template and very good technical support

Wang Dayong

Senior Software Engineering Manager at Hill

Easy to integrate and has a plug-in that supports both C and C++ languages

When we deliver a code, the solution scans the code and reports whether the code has bugs or any other vulnerability issues. Thus the solution... Read more →

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"The core scanning, the scanning process, has got a very nice pass management module. It's fantastic."

More ERPScan SMART Cybersecurity Platform Pros →

"There is a free version.""I am only interested in the security features in SonarQube. There are plenty of features other features, such as test coverage, code anomalies, and pointer access are handled by the business logic teams. They get the reports and they have to fix them in JIRA or Bugzilla.""SonarQube is useful for controlling all of our Azure task tracking and scanning.""This solution has the capability to analyze source code in almost all the languages in the market.""The most valuable features are the wide array of languages, multiple languages per project, the breakdown of bugs, and the description of vulnerabilities and code smells (best practices).""It has very good scalability and stability.""It provides the security that is required from a solution for financial businesses.""The solution offers a very good community edition."

More SonarQube Pros →

Cons

"The anomaly detection could be improved."

More ERPScan SMART Cybersecurity Platform Cons →

"This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced.""Currently requires multiple tools, lacking one overall tool.""I would also like SonarQube to be able to write custom scanning rules. More documentation would be helpful as well because some of our guys were struggling with the customization script.""We've been using the Community Edition, which means that we get to use it at our leisure, and they're kind enough to literally give it to us. However, it takes a fair amount of effort to figure out how to get everything up and running. Since we didn't go with the professional paid version, we're not entitled to support. Of course that could be self-correcting if we were to make the step to buy into this and really use it. Then their technical support would be available to us to make strides for using it better.""The software testing tool capability could improve. It does not always integrate well. You have to use a specific plugin and the plugin does not always go in Apple's applications.""A robust credential scanner would be a huge bonus as it would remove the need for yet another niche product.""I think the code security can be improved.""From a reporting perspective, we sometimes have problems interpreting the vulnerability scan reports. For example, if it finds a possible threat, our analysts have to manually check the provided reports, and sometimes we have issues getting all the data needed to properly verify if it's accurate or not."

More SonarQube Cons →

Pricing and Cost Advice

Information Not Available

"This is open source."

"We did not purchase a license (required for C++ support), but this option was considered."

"Get the paid version which allows the customized dashboard and provides technical support."

"People can try the free licenses and later can seek buying plugins/support, etc. once they started liking it."

"This product is open source and very convenient."

"The licence is standard open source licensing"

"The price point on SonarQube is good."

"Some of the plugins that were previously free are not free now."

More SonarQube Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See Recommendations

770,292 professionals have used our research since 2012.

Questions from the Community

What do you like most about ERPScan SMART Cybersecurity Platform?

Top Answer:I have been using ERPScan SMART Cybersecurity Platform for quite some time and I must say, the platform offers one of the best security measures across enterprise networks. The platform is completely… more »

Read all 2 answers →

Is SonarQube the best tool for static analysis?

Top Answer:I am not very familiar with SonarQube and their solutions, so I can not answer But if you are asking me about which tools that are the best for for Static Code Analysis, I suggest you have a look… more »

Read all 10 answers →

Which gives you more for your money - SonarQube or Veracode?

Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »

Read all 6 answers →

How would you decide between Coverity and Sonarqube?

Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »

Ranking

55th

out of 74 in Application Security Tools

Views

143

Comparisons

Reviews

Average Words per Review

Rating

N/A

1st

out of 74 in Application Security Tools

Views

53,062

Comparisons

42,321

Reviews

Average Words per Review

358

Rating

8.1

Comparisons

Onapsis vs. ERPScan SMART Cybersecurity Platform

Compared 100% of the time.

More ERPScan SMART Cybersecurity Platform Competitors →

Checkmarx One vs. SonarQube

Compared 21% of the time.

SonarCloud vs. SonarQube

Compared 12% of the time.

Coverity vs. SonarQube

Compared 11% of the time.

Veracode vs. SonarQube

Compared 10% of the time.

Snyk vs. SonarQube

Compared 6% of the time.

More SonarQube Competitors →

Also Known As

Sonar

Learn More

Video Not Available

Interactive Demo

Demo Not Available

Overview

ERPScan’s primary mission is to bridge the gap between technical and business security, and provide solutions to evaluate and secure SAP and Oracle ERP systems and business-critical applications from both, cyber-attacks as well as internal fraud.

SonarQube is a self-managed open-source platform that helps developers create code devoid of quality and vulnerability issues. By integrating seamlessly with the top DevOps platforms in the Continuous Integration (CI) pipeline, SonarQube continuously inspects projects across multiple programming languages, providing immediate status feedback while coding. SonarQube’s quality gates become part of your release pipeline, displaying pass/fail results for new code based on quality profiles you customize to your company standards. Following Sonar’s Clean as You Code methodology guarantees that only software of the highest quality makes it to production.

At its core, SonarQube includes a static code analyzer that identifies bugs, security vulnerabilities, hidden secrets, and code smells. The platform guides you through issue resolution, fostering a culture of continuous improvement. SonarQube’s comprehensive reporting is a valuable tool for dev teams to monitor their codebase's overall health and quality across multiple projects in their portfolio. With SonarQube, you can achieve a state of Clean Code, leading to secure, reliable, and maintainable software.

Sonar is the only solution combining the power of industry-leading software quality analysis with static application security testing (SAST) and real-time coding guidance in the IDE (with SonarLint) to meet the DevOps and DevSecOps demand of putting agility, automation, and security in the hands of developers. Further accelerate DevOps continuous integration by helping developers find and fix issues in code before the software testing stage, reducing the churn of finding, fixing, rebuilding, and retesting your app.

With over 5,000 Clean Code rules, SonarQube analyzes 30+ of the most popular programming languages, including dozens of frameworks, the top DevOps platforms (GitLab, GitHub, Azure DevOps, and Bitbucket, and more), and the leading infrastructure as code (IaC) platforms.

SonarQube is the most trusted static code analyzer used by over 7 million developers and 400,000 organizations globally to clean over half a trillion lines of code.

Sample Customers

Wired

Top Industries

No Data Available

REVIEWERS

Computer Software Company30%

Financial Services Firm21%

Comms Service Provider7%

Manufacturing Company7%

VISITORS READING REVIEWS

Financial Services Firm17%

Computer Software Company15%

Manufacturing Company11%

Government6%

Company Size

No Data Available

REVIEWERS

Small Business25%

Midsize Enterprise16%

Large Enterprise59%

VISITORS READING REVIEWS

Small Business17%

Midsize Enterprise13%

Large Enterprise70%

ERPScan SMART Cybersecurity Platform vs SonarQube comparison