2020-05-21 20:10:00 UTC

Checkmarx vs SonarQube; SonarQube interoperability with Checkmarx or Veracode

I am looking for pros and cons for the Checkmarx vs SonarQube, in particular regarding:

  • false positives
  • tuning Sonarqube to reduce false positives without introducing false negatives. 

I am also wondering if SonarQube could allow developers to delint their code before submitting it to SAST with either Checkmarx or Veracode. 

Find out what your peers are saying about SonarQube, Veracode, Sonatype and others in Application Security. Updated: June 2020.
425,604 professionals have used our research since 2012.