Try our new research platform with insights from 80,000+ expert users

CodeSonar vs Tenable.io Web Application Scanning comparison

CodeSecure and Tenable are both solutions in the Application Security Tools category. CodeSecure is ranked #34 with an average rating of 7.0, while Tenable is ranked #20 with an average rating of 7.6. CodeSecure holds a 1.5% mindshare in AS, compared to Tenable’s 1.3% mindshare. Additionally, 87% of CodeSecure users are willing to recommend the solution, compared to 93% of Tenable users who would recommend it.
CodeSonar
Read 7 CodeSonar reviews
  • 1,855 Views
  • 1,189 Comparison Views
87% willing to recommend
Tenable.io Web Application ...
Read 17 Tenable.io Web Application Scanning reviews
  • 1,948 Views
  • 1,523 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Tenable.io Web Application Scanning and CodeSonar compete in the application security tools category. Tenable.io seems to have the upper hand with pricing and support, while CodeSonar leads with advanced analysis capabilities.

Features: Tenable.io offers comprehensive vulnerability detection, integration capabilities, and user-friendly web application scanning. CodeSonar provides deep static analysis, extensive security flaw coverage, and pinpointing capabilities for complex code vulnerabilities.

Room for Improvement: Tenable.io needs to enhance reporting functionalities, improve scan speeds, and possibly broaden security flaw coverage. CodeSonar requires better integration with third-party tools, improvements in handling large codebases, and an easier deployment process.

Ease of Deployment and Customer Service: Tenable.io is praised for its straightforward deployment and responsive customer support. CodeSonar, although complex to deploy, is recognized for its dedicated support team capable of effectively resolving issues.

Pricing and ROI: Tenable.io is lauded for its competitive setup costs, appealing to budget-conscious users, and promises quick ROI. CodeSonar, while more expensive, justifies its cost with detailed insights and high long-term value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CodeSonar vs. Tenable.io Web Application Scanning Report (Updated: April 2025).
Buyer's Guide
CodeSonar vs. Tenable.io Web Application Scanning
April 2025
Download the complete report
Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CodeSonar
Ranking in Application Security Tools
34th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
7
Ranking in other categories
Static Code Analysis (8th)
Tenable.io Web Application ...
Ranking in Application Security Tools
20th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2025, in the Application Security Tools category, the mindshare of CodeSonar is 1.5%, up from 0.9% compared to the previous year. The mindshare of Tenable.io Web Application Scanning is 1.3%, down from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Mathieu ALBRESPY - PeerSpot reviewer
Nice interface, quick to deploy, and easy to expand
This is the first time I've used this kind of software. It was the only one we could apply to analyze with MISRA rules. At my new company, I tried to use Klocwork. I tried to use it, just once so I cannot compare it exactly with CodeSonar. I also have a plugin for my Visual Studio and I try to make it work. It's not easy, however, I don't think that we have this kind of functionality with CodeSonar. It can do some incremental analysis. However, since this feature is also available on CodeSonar, it would be a good idea to have a plugin on Visual Studio just to have a quick analysis.
Read full review
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of CodeSonar is the catching of dead code. It is helpful."
"CodeSonar’s most valuable feature is finding security threats."
"The most valuable features of CodeSonar were all the categorized classes provided, and reports of future bugs which might occur in the production code. Additionally, I found the buffer overflow and underflow useful."
"The tool is very good for detecting memory leaks."
"There is nice functionality for code surfing and browsing."
"It has been able to scale."
"What I like best about CodeSonar is that it has fantastic speed, analysis and configuration times. Its detection of all runtime errors is also very good, though there were times it missed a few. The configuration of logs by CodeSonar is also very fantastic which I've not seen anywhere else. I also like the GUI interface of CodeSonar because it's very user friendly and the tool also shows very precise logs and results."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"It collects the vulnerabilities on the hostnames and sends them to the Tenable.io cloud. Tenable has its own cloud where Tenable.io is running, but there are many connectors to other cloud solutions. Tenable can do vulnerability scanning for other cloud managers such as Azure, Amazon, and so on."
"Tenable.io Web Application Scanning is very easy to use."
"I would recommend Tenable.io Web Application Scanning to others."
"The most effective feature of the product is the ability to scan the entire environment."
"It is fully automated."
"The initial setup is straightforward."
"The solution's instant reports feature is the most effective for detecting threats."
More Tenable.io Web Application Scanning pros
 

Cons

"There could be a shared licensing model for the users."
"The scanning tool for core architecture could be improved."
"In a future release, the solution should upgrade itself to the current trends and differentiate between the languages. If there are any classifications that can be set for these programming languages that would be helpful rather than having everything in the generic category."
"It was expensive."
"In terms of areas for improvement, the use case for CodeSonar was good, but compared to other tools, it seems CodeSonar isn't a sound static analysis tool, and this is a major con I've seen from it. Right now, in the market, people prefer sound static analysis tools, so I would have preferred if CodeSonar was developed into a sound static analysis tool formally, in terms of its algorithms, so then you can see it extensively used in the market because at the moment, here in India, only fifty to sixty customers use CodeSonar. If the product is developed into a sound static analysis tool, it could compete with Polyspace, and from its current fifty customers, that number could go up to a hundred."
"It would be beneficial for the solution to include code standards and additional functionality for security."
"CodeSonar could improve by having better coding rules so we did not have to use another solution, such as MISRA C."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"The technical support should be improved. Currently, some attacks are detected while others are not."
"The report customization needs to be better."
"The technical support needs improvement. Currently, it takes time, which might be due to the free version, but providing some level of support could encourage future purchase decisions."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
"The market is standard for vulnerability scanning, however, the posture can be improved through Tenable's prioritization engine."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
More Tenable.io Web Application Scanning cons
 

Pricing and Cost Advice

"The solution's price depends on the number of licenses needed and the source code for the project."
"The application’s pricing is high compared to other tools."
"Pricing is a bit costly."
"Our organization purchased a license to use the solution."
"The pricing is okay."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"Tenable.io Web Application Scanning is expensive for small businesses."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
"I rate the product's pricing a four out of ten."
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
850,028 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
25%
Computer Software Company
13%
University
9%
Financial Services Firm
6%
Financial Services Firm
14%
Computer Software Company
14%
Government
11%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about CodeSonar?
CodeSonar’s most valuable feature is finding security threats.
See all answers
What is your experience regarding pricing and costs for CodeSonar?
The application’s pricing is high compared to other tools. I rate its pricing a four out of ten.
See all answers
What needs improvement with CodeSonar?
Our license model allows one user per license. Currently, we have limitations for VPN profiles. We can’t share the key with other users. There could be a shared licensing model for the users. It wi...
See all answers
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
See all answers
What needs improvement with Tenable.io Web Application Scanning?
Improvements could include providing coverage reports in the free version and features related to security reports. Also, enhancing technical support would be beneficial as there is room for improv...
See all answers
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning as it provides us with good reports, which help improve our code base, despite the lack of financial benefits. Overall, I would rate it seven o...
See all answers
 

Comparisons

SonarQube Server (formerly SonarQube) vs CodeSonar Logo
SonarQube Server (formerly SonarQube) vs CodeSonar
Compared 60% of the time
Coverity vs CodeSonar Logo
Coverity vs CodeSonar
Compared 21% of the time
Polyspace Code Prover vs CodeSonar Logo
Polyspace Code Prover vs CodeSonar
Compared 8% of the time
Klocwork vs CodeSonar Logo
Klocwork vs CodeSonar
Compared 3% of the time
Understand vs CodeSonar Logo
Understand vs CodeSonar
Compared 3% of the time
More CodeSonar Competitors
Acunetix vs Tenable.io Web Application Scanning Logo
Acunetix vs Tenable.io Web Application Scanning
Compared 25% of the time
Qualys Web Application Scanning vs Tenable.io Web Application Scanning Logo
Qualys Web Application Scanning vs Tenable.io Web Application Scanning
Compared 13% of the time
PortSwigger Burp Suite Professional vs Tenable.io Web Application Scanning Logo
PortSwigger Burp Suite Professional vs Tenable.io Web Application Scanning
Compared 12% of the time
Fortify on Demand vs Tenable.io Web Application Scanning Logo
Fortify on Demand vs Tenable.io Web Application Scanning
Compared 10% of the time
HCL AppScan vs Tenable.io Web Application Scanning Logo
HCL AppScan vs Tenable.io Web Application Scanning
Compared 7% of the time
More Tenable.io Web Application Scanning Competitors
 

Product Reports

Buyer's Guide
Application Security Tools
April 2025
CodeSonar reportDownload CodeSonar product report
Buyer's Guide
Application Security Tools
April 2025
Tenable.io Web Application Scanning reportDownload Tenable.io Web Application Scanning product report
 

Overview

GrammaTech enables organizations to develop software applications more efficiently, on-budget, and on-schedule by helping to eliminate harmful defects that can cause system failures, enable data breaches, and ultimately increase corporate liabilities in today’s connected world. GrammaTech is the developer of CodeSonar, the most powerful source and binary code analysis solution available today. Extraordinarily precise, CodeSonar finds, on average, 2 times more serious defects in software than other static analysis solutions. Designed for organizations with zero tolerance for defects and vulnerabilities in their applications, CodeSonar provides static analysis for applications where reliability and security are paramount - widely used by software developers in avionics, medical, automotive, industrial control, and other mission-critical applications. Some of GrammaTech's customers include Toyota, GE, Hyundai, Kawasaki, LG, Lockheed Martin, NASA, Northrop Grumman, Panasonic, and Samsung.

CodeSecure

Tenable.io Web Application Scanning safely, accurately and automatically scans your web applications, providing deep visibility into vulnerabilities and valuable context to prioritize remediation.

Tenable
 

Sample Customers

Viveris, Micrel Medical Devices, Olympus, SOFTEQ, SONY
IMDEX
Buyer's Guide
CodeSonar vs. Tenable.io Web Application Scanning
April 2025
Free Report: CodeSonar vs. Tenable.io Web Application Scanning
Find out what your peers are saying about CodeSonar vs. Tenable.io Web Application Scanning and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,028 professionals have used our research since 2012.
See our CodeSonar vs. Tenable.io Web Application Scanning report.
See our list of best Application Security Tools vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.