We performed a comparison between Contrast Security Protect and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product gives a few false positives. We get 99 percent true positives."
"The solution has excellent real-time capabilities."
"Protect provides us with more in-depth visibility into ongoing attacks."
"The good thing with SonarQube is it covers a lot of issues, it's a very robust framework."
"My focus is mainly on the DevOps pipeline side of things, and from my perspective, the ease of use and configuration is valuable. It is pretty straightforward to take a deployment pipeline or CI/CD pipeline and integrate SonarQube into it."
"It easily ties into our continuous integration pipeline."
"There's plenty of documentation available to users."
"The most valuable function is its usability."
"The solution offers a very good community edition."
"The solution has a plug-in that supports both C and C++ languages."
"I like that it helps us maintain our work quality and code security."
"Contrast Security Protect needs to improve integration."
"There's room for improvement in the initial setup."
"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
"Expression of common vulnerabilities and exposures is not always current."
"SonarQube could improve its static application security testing as per the industry standard."
"We could use some team support, but since we are using the community version, it's not available."
"We called support and complained but have not received any information as we use the free version. We had to fix it on our own and could not escalate it to the tool's developer."
"This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced."
"When we have a thousand products published over it, we expect it to be more efficient in terms of serving requests from the browser."
"You may need to purchase add-ons to get the useability you desire."
"It requires advanced heuristics to recognize more complex constructs that could be disregarded as issues."
Contrast Security Protect is ranked 32nd in Application Security Tools with 3 reviews while SonarQube is ranked 1st in Application Security Tools with 108 reviews. Contrast Security Protect is rated 8.4, while SonarQube is rated 8.0. The top reviewer of Contrast Security Protect writes "It provides us with more in-depth visibility into ongoing attacks". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Contrast Security Protect is most compared with Fortify on Demand, Snyk, Tenable.io Web Application Scanning, Sonatype Lifecycle and HCL AppScan, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Contrast Security Protect vs. SonarQube report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.