2019-06-13T12:36:00Z

What needs improvement with CodeSonar?

Julia Miller - PeerSpot reviewer
  • 0
  • 3
PeerSpot user
6

6 Answers

SA
Real User
Top 20
2023-07-07T11:30:31Z
Jul 7, 2023

Our license model allows one user per license. Currently, we have limitations for VPN profiles. We can’t share the key with other users. There could be a shared licensing model for the users. It will be very beneficial for a large company site.

Search for a product comparison
Manjunath Nada - PeerSpot reviewer
Real User
Top 10
2022-11-28T17:42:42Z
Nov 28, 2022

I am from the embedded domain, in which typically, our code works on the hardware. We follow a standard called MISRA guidelines. The MISRA guidelines were not appropriately reported. There were some flags or errors. I was working on C++ code and there were certain class categories, which were C standards, and were being reported in C++, where C++ is a higher-level language, some of those may not even be applicable in the latest C++ version that we had. The reporting could improve to make the solution better. In a future release, the solution should upgrade itself to the current trends and differentiate between the languages. If there are any classifications that can be set for these programming languages that would be helpful rather than having everything in the generic category.

KN
Real User
Top 20
2022-11-01T19:13:25Z
Nov 1, 2022

It would be beneficial for the solution to include code standards and additional functionality for security. A higher emphasis is currently placed on quality defects than on security items.

Mathieu ALBRESPY - PeerSpot reviewer
Real User
Top 10
2022-10-31T10:21:54Z
Oct 31, 2022

It was difficult for us to have a rule since we sometimes have an issue based on the rules we apply. I don't know if it's an issue with the MISRA rule or how CodeSonar applies rules. However, it was difficult for us to apply a rule, especially to a part of the code, and not apply it to the rest of the code. It's tricky to understand exactly how CodeSonar is analyzing the code. Basically, making rules not to be applied everywhere in the code is tricky. The initial setup is difficult. It was expensive.

RR
Real User
Top 5
2022-07-04T16:11:00Z
Jul 4, 2022

In terms of areas for improvement, the use case for CodeSonar was good, but compared to other tools, it seems CodeSonar isn't a sound static analysis tool, and this is a major con I've seen from it. Right now, in the market, people prefer sound static analysis tools, so I would have preferred if CodeSonar was developed into a sound static analysis tool formally, in terms of its algorithms, so then you can see it extensively used in the market because at the moment, here in India, only fifty to sixty customers use CodeSonar. If the product is developed into a sound static analysis tool, it could compete with Polyspace, and from its current fifty customers, that number could go up to a hundred.

VV
Real User
2019-06-13T12:36:00Z
Jun 13, 2019

The scanning tool for core architecture could be improved. The core complex is something that we really need to analyze, but the complex feature as a whole is not present in the tool. I would like CodeSonar to support many other programming languages, apart from C and C++. They should support things like AngularJS and Node.js, which are trending in the market right now.

Find out what your peers are saying about CodeSecure, Sonar, Perforce and others in Application Security Tools. Updated: March 2024.
765,234 professionals have used our research since 2012.
Application Security Tools
Application security is a significant challenge for software engineers, as well as for security and DevOps professionals. It comprises the measures taken to improve the security of online services and websites against malicious attacks by finding, repairing, and preventing security weaknesses and vulnerabilities.
Download Application Security Tools ReportRead more

Related Q&As