• Home
  • Apiiro vs. SonarCloud

Apiiro vs SonarCloud comparison

Cancel
You must select at least 2 products to compare!
Apiiro Logo
Apiiro
Read 2 Apiiro reviews
321 views|184 comparisons
100% willing to recommend
Sonar Logo
SonarCloud
Read 10 SonarCloud reviews
10,251 views|7,640 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Apiiro vs. SonarCloud
May 2024
Executive Summary

We performed a comparison between Apiiro and SonarCloud based on real PeerSpot user reviews.

Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Apiiro vs. SonarCloud Report (Updated: May 2024).
Download the complete report
770,616 professionals have used our research since 2012.
Featured Review
Ryan-Murphy
A great secrets detection feature, good visibility, and integrates well
The biggest benefit of Apiiro for us was the visibility it gave us into our GitHub organization, which we didn't have much of before. The benefit... Read more →
Huzaifa Asif
A comprehensive code quality management offering all-in-one functionality, including static code analysis, security...
Through SonarCloud, we gain insights, especially in a microservices environment with product-based products. It provides valuable guidance in... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Apiiro's secrets detection feature has saved us several times, which we appreciate greatly.""The workflow automation is likely the best aspect of the solution."

More Apiiro Pros →

"I'm not implementing the solutions. However, I've talked to the people who deploy the tools, and they are happy with how easy setting up SonarCloud is.""Recently, they introduced support for mono reports and microservices, which is a noteworthy development as it provides a more detailed view of each service.""The solution provides continuous code analysis which has improved the quality of our code. It can raise alarms on vulnerabilities with immediate reports on the dashboard. Few things are false positives and we can customize the rules.""The most valuable feature of SonarCloud is its overall performance.""SonarCloud is overall a good tool for identifying code smells, bugs, and code duplication, but we've found that using Android Lint is more effective for our needs.""The reports from SonarCloud are very good.""The solution can be installed locally.""For what it is meant to do, it works pretty well."

More SonarCloud Pros →

Cons
"I would like support for our self-hosted Git server, other than GitHub, just regular Git.""User management is a little bit clunky."

More Apiiro Cons →

"I've been told by the developers that the solution is too limited. It's not testing enough within the containers.""SonarCloud's UI needs enhancement.""The reports could improve by providing more information. We are not able to use the reports in our operation until they are improved. Additionally, if the vendor provided more customization capabilities it would be a benefit.""We had some issues with the scanner.""There's room for improvement in the configuration process, particularly during the initial setup phase.""SonarCloud can improve the false positives. Sometimes the gates sometimes act a little weird. We then need to manually go and mark the false positive.""The documentation needs improvement on optimizing build time for seamless CI/CD integration with our Android apps.""The solution needs to improve its customization and flexibility."

More SonarCloud Cons →

Pricing and Cost Advice
Information Not Available
  • "The price of SonarCloud could be less expensive. We are using the community version and the price should be more reasonable."
  • "The price of SonarCloud is not expensive, it goes by the lines of code. 1 million lines per code are approximately 4,000 USD per year. If you need 2 million lines of code you would double the annual cost."
  • "I am using the free version of the solution."
  • "I rate the pricing a five out of ten."
  • "While not extremely cheap, it aligns well with market standards and offers good value."
  • "The current pricing is quite cheap."

    • More SonarCloud Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    See Recommendations
    770,616 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Apiiro?
    Top Answer:Apiiro's secrets detection feature has saved us several times, which we appreciate greatly.
    Read all 2 answers   →
    What is your experience regarding pricing and costs for Apiiro?
    Top Answer:My understanding is the pricing is pretty competitive.
    What needs improvement with Apiiro?
    Top Answer:Apiiro recently integrated SaaS, and we would love to see them expand on that. They provide many integrations to different products, including SaaS products such as Snyk. Ideally, Apiiro would include… more »
    Read all 2 answers   →
    What do you like most about SonarCloud?
    Top Answer:Recently, they introduced support for mono reports and microservices, which is a noteworthy development as it provides a more detailed view of each service.
    Read all 9 answers   →
    What is your experience regarding pricing and costs for SonarCloud?
    Top Answer:I would rate the price an eight out of ten because it's reasonable. While not extremely cheap, it aligns well with market standards and offers good value. It's an all-inclusive package where you pay a… more »
    Read all 7 answers   →
    What needs improvement with SonarCloud?
    Top Answer:There's room for improvement in the configuration process, particularly during the initial setup phase. Setting up features like mono reports can be challenging, and the existing documentation could… more »
    Read all 9 answers   →
    Ranking
    21st
    out of 67 in Application Security Testing (AST)
    Views
    321
    Comparisons
    184
    Reviews
    2
    Average Words per Review
    1,148
    Rating
    8.5
    10th
    out of 67 in Application Security Testing (AST)
    Views
    10,251
    Comparisons
    7,640
    Reviews
    7
    Average Words per Review
    523
    Rating
    8.4
    Comparisons
    Snyk logo
    Snyk vs. Apiiro
    Compared 50% of the time.
    Cycode logo
    Cycode vs. Apiiro
    Compared 14% of the time.
    Ox Security logo
    Ox Security vs. Apiiro
    Compared 14% of the time.
    SonarQube logo
    SonarQube vs. Apiiro
    Compared 11% of the time.
    Semgrep Supply Chain logo
    Semgrep Supply Chain vs. Apiiro
    Compared 5% of the time.
    More Apiiro Competitors   →
    SonarQube logo
    SonarQube vs. SonarCloud
    Compared 77% of the time.
    Veracode logo
    Veracode vs. SonarCloud
    Compared 7% of the time.
    Checkmarx One logo
    Checkmarx One vs. SonarCloud
    Compared 5% of the time.
    GitLab logo
    GitLab vs. SonarCloud
    Compared 3% of the time.
    OWASP Zap logo
    OWASP Zap vs. SonarCloud
    Compared 3% of the time.
    More SonarCloud Competitors   →
    Also Known As
    Apiiro Control Plane (ASOC), Apiiro API Security (SAST), Apiiro Open Source (SCA)
    Learn More
    Apiiro
    Sonar
    Interactive Demo
    Apiiro
    Demo Not Available
    Sonar
    Watch a demo
    Overview

    Apiiro is the leader in application security posture management (ASPM), unifying risk visibility, prioritization, and remediation with deep code analysis and runtime context.

    Companies like Morgan Stanley, SoFi, Rakuten, and Navan leverage Apiiro's ASPM to...

    Get complete application and risk visibility: Apiiro takes a deep, code-based approach to ASPM. Its Cloud Application Security Platform analyzes source code and pulls in runtime context to build a continuous, graph-based inventory of application and software supply chain components.

    Prioritize risks with code-to-runtime context: With its proprietary Risk Graph™️, Apiiro contextualizes security alerts from third-party tools and native security solutions based on the likelihood and impact of risk to uniquely minimize alert backlogs and triage time by 95%.

    Fix and prevent risks that matter—faster: By tying risks to code owners, providing LLM-enriched remediation guidance, and embedding risk-based guardrails directly into developer tools and workflows, Apiiro improves remediation times (MTTR) by up to 85%.

    Apiiro's native security solutions include API security testing in code, secrets detection and validation, software bill of materials (SBOM) generation, sensitive data exposure prevention, software composition analysis (SCA), and CI/CD and SCM security.



    SonarCloud is a cloud-based alternative of the SonarQube platform, offering continuous code quality and security analysis as a service. SonarCloud integrates seamlessly with popular version control and CI/CD platforms such as GitHub, Bitbucket, and Azure DevOps. It provides static code analysis to identify and help remediate issues such as bugs and security vulnerabilities. SonarCloud enables developers to receive immediate feedback on their code within their development environment, facilitating the maintenance of high-quality code standards, and promoting a culture of continuous improvement in software development projects. It helps produce software that is secure, reliable, and maintainable. SonarCloud is free for open-source projects and is offered as a paid subscription for private projects, priced per lines of code.

    Sample Customers
    Morgan Stanley, Rakuten, Jack Henry, SoFi, Colgate, Navan
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company24%
    Comms Service Provider10%
    Outsourcing Company8%
    Financial Services Firm8%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Manufacturing Company9%
    Healthcare Company5%
    Company Size
    VISITORS READING REVIEWS
    Small Business39%
    Midsize Enterprise21%
    Large Enterprise40%
    REVIEWERS
    Small Business56%
    Midsize Enterprise33%
    Large Enterprise11%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise19%
    Large Enterprise58%
    Buyer's Guide
    Apiiro vs. SonarCloud
    May 2024
    Free Report: Apiiro vs. SonarCloud
    Find out what your peers are saying about Apiiro vs. SonarCloud and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    770,616 professionals have used our research since 2012.

    Apiiro is ranked 21st in Application Security Testing (AST) with 2 reviews while SonarCloud is ranked 10th in Application Security Testing (AST) with 10 reviews. Apiiro is rated 8.6, while SonarCloud is rated 8.4. The top reviewer of Apiiro writes "A great secrets detection feature, good visibility, and integrates well". On the other hand, the top reviewer of SonarCloud writes "Beneficial vulnerability discovery, simple to maintain, and proactive support". Apiiro is most compared with Snyk, Cycode, Ox Security, SonarQube and Semgrep Supply Chain, whereas SonarCloud is most compared with SonarQube, Veracode, Checkmarx One, GitLab and OWASP Zap. See our Apiiro vs. SonarCloud report.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.