We use SonarQube to check for vulnerabilities and quality.
The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
We use SonarQube to check for vulnerabilities and quality.
The solution has helped us to find flaws in the Syntax and comply with requirements.
I have found the most valuable features to be scanning for bugs or fixing the hotspot. These features have helped to improve the code quality.
I think the code security can be improved. Code security should comply with the standard security list.
I would like to see the feature of Compliance Reporting added to the solution.
I have been using this solution for two years.
I would rate the stability a ten out of ten.
About ten people in my company are using this solution. On average, we use this solution once in a week.
We chose SonarQube due to its free community edition. After a while, when we will need more features, we will probably purchase the solution next year.
I would rate the initial setup a ten out of ten. The solution is easy to install and use. It took us only a day to deploy SonarQube. We downloaded the solution and followed the setup process. We simply integrated this solution with Azure DevOps. The maintenance of this solution is handled by one person from the database team.
We implemented the solution through an in-house application developer.
This solution is simple to use and can be quickly deployed. I would rate the solution an eight out of ten.
CAST AIP is a valuable solution for quality metrics and application security. It is beneficial for software architecture detection.
CAST's risk and security flow detection capabilities are highly effective, particularly in identifying security vulnerabilities. It is one of the most important and valuable features of the platform.
Areas for improvement in CAST AIP include enhancing support for implementation in complex environments and improving technical support to address organizational challenges alongside engineering issues.
I have been working with CAST AIP for almost three years.
I would rate the stability of CAST AIP as a ten out of ten. It is very stable.
I would rate the scalability of CAST AIP as an eight out of ten. My clients for CAST AIP are usually enterprise businesses.
I would rate the technical support as a six out of ten. It could be improved.
Neutral
Implementing CAST AIP can be challenging in complex customer environments, but it is easier for software vendors and system integrators. I would rate the easiness of the initial setup as a five out of ten.
Deployment of CAST AIP typically takes at least a few weeks, sometimes even longer, but it's not a quick process.
CAST AIP is very expensive.
CAST AIP supports software process improvement by providing insights into code quality, security, and architecture, aiding in the enhancement of development processes.
CAST AIP helps identify and correct software flaws and it is one of the main strengths of the solution.
The automated code review process in CAST AIP is beneficial and can contribute to the digital transformation of IT shops.
Integrating AIP with existing development tools and ecosystems is challenging but beneficial. With proper support and technical assistance, the process becomes smoother.
I would recommend CAST AIP for organizations with well-established and clear software processes. However, for organizations with complex or less-defined processes, it may not be the best fit.
Overall, I would rate CAST AIP as a seven out of ten.