We performed a comparison between Acunetix and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The solution is highly stable."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"Overall, it's a very good tool and a very good engine."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"Strong code evaluation for budget-minded clients."
"The most valuable features are code scanning and Quality Gates."
"The solution has a plug-in that supports both C and C++ languages."
"The most valuable features are the analysis and detection of issues within the application code."
"With SonarQube's web interface, it is easy to drill down to see the individual problems, but also to look at the project from above and get the big picture, with possible larger problem areas."
"Apart from the security point of view, I like that it makes it easy to detect code smells and other issues in terms of code quality and standards."
"This solution has helped with the integration and building of our CICD pipeline."
"Integrate it into the developers' workbench so that they can bench check their code against what will be done in the server-based audit version."
"Acunetix needs to improve its cost."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"Acunetix needs to include agent analysis."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"The solution's pricing could be better."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"SonarQube is not development-centric like Snyk."
"I find it is light on the security side."
"The interface could be a little better and should be enhanced."
"The product needs to integrate other security tools for security scanning."
"In terms of what can be improved, the areas that need more attention in the solution are its architecture and development."
"The solution could improve the management reports by making them easier to understand for the technical team that needs to review them."
"It would be a great add-on if SonarQube could update its database for vulnerabilities or plugging parts."
"I think the code security can be improved."
Acunetix is ranked 16th in Application Security Tools with 26 reviews, while SonarQube is ranked 1st in Application Security Tools with 108 reviews. Acunetix is rated 7.6, while SonarQube is rated 8.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Tenable Nessus, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Acunetix vs. SonarQube report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.