We performed a comparison between CodeSonar and GitHub based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has been able to scale."
"What I like best about CodeSonar is that it has fantastic speed, analysis and configuration times. Its detection of all runtime errors is also very good, though there were times it missed a few. The configuration of logs by CodeSonar is also very fantastic which I've not seen anywhere else. I also like the GUI interface of CodeSonar because it's very user friendly and the tool also shows very precise logs and results."
"The most valuable features of CodeSonar were all the categorized classes provided, and reports of future bugs which might occur in the production code. Additionally, I found the buffer overflow and underflow useful."
"CodeSonar’s most valuable feature is finding security threats."
"The most valuable feature of CodeSonar is the catching of dead code. It is helpful."
"There is nice functionality for code surfing and browsing."
"The tool is very good for detecting memory leaks."
"We can make a private repository."
"The most valuable feature is help offered by the community for open-source projects."
"Has great integration with third-party tools."
"The most valuable aspects of GitHub are version control and parallel development. I also appreciate the forking part, which allows us to release a specific set of features to the environment."
"This solution is very easy to use which I like about it. The capacity to own artifacts and share them with others is another good feature. You don't have to write all your code from scratch, you can use available templates and alter the code according to your needs."
"I have found GitHub stable."
"GitHub is the best tool for source repositories."
"The best feature is the ability to track the history of all code changes, and it's easy to use. Additionally, as it's open source, anyone can use that feature resulting in distributed development. This opens the door to collaboration with different code and developer, feature, and master branches of development."
"There could be a shared licensing model for the users."
"It was expensive."
"It would be beneficial for the solution to include code standards and additional functionality for security."
"In terms of areas for improvement, the use case for CodeSonar was good, but compared to other tools, it seems CodeSonar isn't a sound static analysis tool, and this is a major con I've seen from it. Right now, in the market, people prefer sound static analysis tools, so I would have preferred if CodeSonar was developed into a sound static analysis tool formally, in terms of its algorithms, so then you can see it extensively used in the market because at the moment, here in India, only fifty to sixty customers use CodeSonar. If the product is developed into a sound static analysis tool, it could compete with Polyspace, and from its current fifty customers, that number could go up to a hundred."
"CodeSonar could improve by having better coding rules so we did not have to use another solution, such as MISRA C."
"In a future release, the solution should upgrade itself to the current trends and differentiate between the languages. If there are any classifications that can be set for these programming languages that would be helpful rather than having everything in the generic category."
"The scanning tool for core architecture could be improved."
"The solution needs some more controls for deleting code."
"Scalability is an area with a shortcoming, because of which it has room for improvement."
"GitHub should provide more integration in their next release, including integrating with Jenkins, CI/CD and Jira."
"While using the solution when merging two code branches the code becomes a bit messy. This should be improved in the future."
"The solution can improve by adding video guides, official guides, or short courses that cater to beginners who are new to the system. These resources could offer step-by-step guidance on how to use GitHub, including common procedures such as pulling and committing. Currently, many of us have to resort to searching for information on how to do these tasks via Google. An official guide provided by GitHub itself would be a valuable asset to newcomers and would save them time and effort."
"There is a bit of a learning curve."
"The solution should have less integration with the AI part, but it needs to add features with other automation tools so that it can be easily integrated."
"The GitHub repository needs an upgraded user interface and overall UI improvements."
CodeSonar is ranked 21st in Application Security Tools with 7 reviews while GitHub is ranked 13th in Application Security Tools with 64 reviews. CodeSonar is rated 8.2, while GitHub is rated 8.6. The top reviewer of CodeSonar writes "Nice interface, quick to deploy, and easy to expand". On the other hand, the top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". CodeSonar is most compared with SonarQube, Coverity, Klocwork, Polyspace Code Prover and Semgrep Code, whereas GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Atlassian SourceTree and Fortify on Demand. See our CodeSonar vs. GitHub report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
