No more typing reviews! Try our Samantha, our new voice AI agent.

CodeSonar vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CodeSonar
Ranking in Application Security Tools
34th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
7
Ranking in other categories
Static Code Analysis (10th)
Tenable.io Web Application ...
Ranking in Application Security Tools
22nd
Average Rating
7.8
Reviews Sentiment
5.8
Number of Reviews
18
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Application Security Tools category, the mindshare of CodeSonar is 1.1%, down from 1.5% compared to the previous year. The mindshare of Tenable.io Web Application Scanning is 1.3%, up from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
Tenable.io Web Application Scanning1.3%
CodeSonar1.1%
Other97.6%
Application Security Tools
 

Featured Reviews

Mathieu ALBRESPY - PeerSpot reviewer
Intigration Developer at ez-Wheel
Nice interface, quick to deploy, and easy to expand
This is the first time I've used this kind of software. It was the only one we could apply to analyze with MISRA rules. At my new company, I tried to use Klocwork. I tried to use it, just once so I cannot compare it exactly with CodeSonar. I also have a plugin for my Visual Studio and I try to make it work. It's not easy, however, I don't think that we have this kind of functionality with CodeSonar. It can do some incremental analysis. However, since this feature is also available on CodeSonar, it would be a good idea to have a plugin on Visual Studio just to have a quick analysis.
HL
Security Analyst at TOPNET
Web audits have identified vulnerabilities and now provide clear visibility into compliance gaps
We have experience with Tenable.io Web Application Scanning, and we use it as well; we have approximately ten licenses for web application scanning. We use it to find vulnerabilities, but Tenable.io Web Application Scanning does not include remediation; we remediate with other products. We use the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of CodeSonar is the catching of dead code. It is helpful."
"CodeSonar’s most valuable feature is finding security threats."
"What I like best about CodeSonar is that it has fantastic speed, analysis and configuration times."
"There is nice functionality for code surfing and browsing."
"What I like best about CodeSonar is that it has fantastic speed, analysis and configuration times. Its detection of all runtime errors is also very good, though there were times it missed a few. The configuration of logs by CodeSonar is also very fantastic which I've not seen anywhere else. I also like the GUI interface of CodeSonar because it's very user friendly and the tool also shows very precise logs and results."
"CodeSonar has helped our organization because it detects dead and nonusable parts of code to create a more optimized code."
"It has been able to scale."
"The solution is very stable and we have used it for a long time with no issues."
"The most valuable features of Tenable.io Web Application Scanning are the integration into specific use cases and scanning. All of the features of the solution are useful."
"The solution is stable."
"It has good unified web application scanning and exposure management."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"Tenable.io Web Application Scanning is very easy to use, provides very reliable results, and is easily managed by someone who lacks prior knowledge, information, or experience."
"The solution's instant reports feature is the most effective for detecting threats."
"I think Tenable.io Web Application Scanning is the best option on the market at the moment."
"It is fully automated."
 

Cons

"In terms of areas for improvement, the use case for CodeSonar was good, but compared to other tools, it seems CodeSonar isn't a sound static analysis tool, and this is a major con I've seen from it. Right now, in the market, people prefer sound static analysis tools, so I would have preferred if CodeSonar was developed into a sound static analysis tool formally, in terms of its algorithms, so then you can see it extensively used in the market because at the moment, here in India, only fifty to sixty customers use CodeSonar. If the product is developed into a sound static analysis tool, it could compete with Polyspace, and from its current fifty customers, that number could go up to a hundred."
"The MISRA guidelines were not appropriately reported and there were some flags or errors."
"In a future release, the solution should upgrade itself to the current trends and differentiate between the languages. If there are any classifications that can be set for these programming languages that would be helpful rather than having everything in the generic category."
"It would be beneficial for the solution to include code standards and additional functionality for security."
"It was difficult for us to apply a rule, especially to a part of the code, and not apply it to the rest of the code."
"There could be a shared licensing model for the users."
"CodeSonar could improve by having better coding rules so we did not have to use another solution, such as MISRA C."
"It was expensive."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"The dashboard could be more user-friendly."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
"Sometimes it lags with different cloud environments."
"The technical support should be improved. Currently, some attacks are detected while others are not."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"The cloud and the on-premises versions have their own controllers, and there is no way to centrally manage controllers."
"It isn't easy to manage vulnerabilities in Tenable."
 

Pricing and Cost Advice

"The application’s pricing is high compared to other tools."
"Our organization purchased a license to use the solution."
"The solution's price depends on the number of licenses needed and the source code for the project."
"Pricing is a bit costly."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
"The pricing is okay."
"I rate the product's pricing a four out of ten."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
"Tenable.io Web Application Scanning is expensive for small businesses."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
24%
Computer Software Company
8%
Financial Services Firm
7%
University
7%
Financial Services Firm
14%
Manufacturing Company
9%
Comms Service Provider
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise1
Large Enterprise2
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise5
Large Enterprise7
 

Questions from the Community

Ask a question
Earn 20 points
What needs improvement with Tenable.io Web Application Scanning?
If there were a solution, I would like to see automation and an integrated remediation solution for vulnerability or patch management.
What advice do you have for others considering Tenable.io Web Application Scanning?
I do not understand what API approach means; I do not understand this term. I think Tenable.io Web Application Scanning is the best option on the market at the moment. My review rating for this pro...
What is your experience regarding pricing and costs for Tenable.io Web Application Scanning?
I think the price is expensive. We do not have an idea of how much we have to pay approximately, but comparing to other products, Tenable.io Web Application Scanning is expensive.
 

Overview

 

Sample Customers

Viveris, Micrel Medical Devices, Olympus, SOFTEQ, SONY
IMDEX
Find out what your peers are saying about CodeSonar vs. Tenable.io Web Application Scanning and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.