SonarQube Competitors and Alternatives

Get our free report covering Veracode, Checkmarx, Micro Focus, and other competitors of SonarQube. Updated: October 2019.
372,374 professionals have used our research since 2012.

Read reviews of SonarQube competitors and alternatives

Ernst Marais
Real User
Software Architect at Digital Solution Foundry (Pty) Ltd
Sep 05 2019

What is most valuable?

The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating. The interface is usable and friendly.

How has it helped my organization?

This solution has improved the quality of the process, in general. This solution helps us to catch issues early on, and find problems that we never knew we had. This results in things being more secure.

What needs improvement?

The rate of false positives, where it reports issues that are not really issues, can be improved. Scanning of vulnerabilities on open-source projects is not particularly useful as it is. I would like to see better integration with Azure… more»

If you previously used a different solution, which one did you use and why did you switch?

We are also using SonarQube in parallel with this solution. SonarQube is a good product, but I prefer Kiuwan from a functional perspective.

What other advice do I have?

This is a solution that I recommend. The biggest lesson that I have learned from using this software is that we weren't as secure as we had thought. You think that you have pretty decent security until you get the tool and see where you are… more»
Bus432Anly
Real User
Business Analyst at a tech services company with 201-500 employees
Nov 01 2018

What do you think of Checkmarx?

What is our primary use case?

Our primary use case solution is for code scanning.

How has it helped my organization?

It has made our organization more efficient with our whole code scan/deployment process for our software applications.

What is most valuable?

The most valuable features are: Ease of use Dashboard Interface Report

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I have not had an issue with stability of the product.

What do I think about the scalability of the solution?

There have been no issues with scalability that I am aware of.

How is customer service and technical support?

I have not needed the use of technical support.

Which solutions did we use previously?

Previously, we…
MahendraAitha
Real User
Lead Security Engineer at a tech vendor with 201-500 employees
May 24 2018

What is most valuable?

Scanning of .war and .jar.

How has it helped my organization?

It helps in achieving secure programming. Veracode provides us with industry best practices according to OWASP, CERT, and SANS. Our customers get the security of bug-free… more»

What needs improvement?

Raw file scans and dynamic scans would be an improvement, instead of dealing with code binaries.

What's my experience with pricing, setup cost, and licensing?

The pricing is good for static code analysis.

If you previously used a different solution, which one did you use and why did you switch?

We used SonarQube but to improve security in SAST we choose this.

What other advice do I have?

Implement this solution if you see WAF and SOC in your future.

Which other solutions did I evaluate?

Checkmarx, SonarQube.
Get our free report covering Veracode, Checkmarx, Micro Focus, and other competitors of SonarQube. Updated: October 2019.
372,374 professionals have used our research since 2012.
Sign Up with Email