We performed a comparison between Acunetix and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We use the solution for the scanning of vulnerabilities like SQL injections."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"Picks up weaknesses in our app setups."
"SonarQube is one of the more popular solutions because it supports 29 languages."
"There is a free version."
"My focus is mainly on the DevOps pipeline side of things, and from my perspective, the ease of use and configuration is valuable. It is pretty straightforward to take a deployment pipeline or CI/CD pipeline and integrate SonarQube into it."
"The most valuable features are that it is user-friendly, easy to access, and they provide good training files."
"The solution has a plug-in that supports both C and C++ languages."
"This solution has helped with the integration and building of our CICD pipeline."
"If you want to have your code scanned and timed then this is a good tool."
"SonarQube is scalable. My company has 50 users."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"The pricing is a bit on the higher side."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"The solution's pricing could be better."
"While we do have it integrated with other solutions, it could still offer more integrations."
"This solution finds issues that are similar to what is found by Checkmarx, and it would be nice if the overlap could be eliminated."
"The product must improve security analysis."
"In terms of what can be improved, the areas that need more attention in the solution are its architecture and development."
"It should be user-friendly."
"If I configure a project in SonarQube, it generates a token. When we're compiling our code with SonarQube, we have to provide the token for security reasons. If IP-based connectivity is established with the solution, the project should automatically be populated without providing any additional token. It will be easy to provide just the IP address. It currently supports this functionality, but it makes a different branch in the project dashboard. From the configuration and dashboard point of view, it should have some transformations. There can be dashboard integration so that we can configure the dashboard for different purposes."
"Code security scanning could be improved."
"The solution could improve by providing more advanced technologies."
"There is a need for support for additional languages and ease of use in adding new rules for detecting issues."
Acunetix is ranked 16th in Application Security Tools with 26 reviews while SonarQube is ranked 1st in Application Security Tools with 108 reviews. Acunetix is rated 7.6, while SonarQube is rated 8.0. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Tenable Nessus, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.