We performed a comparison between GitGuardian Public Monitoring and SonarQube based on real PeerSpot user reviews.
"One thing I really like about it is the fact that we can add search words or specific payloads inside the tool, and GitGuardian will look into GitHub and alert us if any of these words is found in a repository... With this capability in the tool, we have good surveillance over our potential blind spots."
"The Explore function is valuable for finding specific things I'm looking for."
"The SonarQube dashboard looks great."
"The solution can verify vulnerabilities, code smells, and hotspots. It makes the software more secure and it helps make a junior or novice developer sharper."
"It is a good deal compared to all other tools on the market."
"The solution has a wide variety of features and an open-source community that you are able to learn Java, JavaScript, or any other programming language."
"I like the by-default policies that are there, as they seem to cover most of what I need."
"I follow Quality Gate's graduation model within the organization, and it is extremely helpful for me to benchmark products."
"All the features of the solution are quite good."
"There is a free version."
"I would like to see improvement in some of the user interface features... When one secret is leaked in multiple files or multiple repositories, it will appear on the dashboard. But when you click on that secret, all the occurrences will appear on the page. It would be better to have one secret per occurrence, directly, so that we don't have to click to get to the list of all the occurrences."
"I'm excited about the possibility of Public Postman scanning being integrated with GitGuardian in the future. Additionally, I'm interested in exploring the potential use of honeytokens, which seems like a compelling approach to lure and identify attackers."
"I would like to see dynamic code analysis in the next version of the software."
"During the setup process, we only had one issue related to the number of available files. To perform the analysis, you have quite a lot of available file handles, so we had to increase that limit."
"Technical support and the price could be better."
"It would be better if SonarQube provided a good UI for external configuration."
"The solution could improve by having better consulting services."
"There is no automation. You need to put the code there and test. You then pull the results and put them back in the development environment. There is no integration with the development environment. We would like it to be integrated with our development environment, which is basically the CI/CD pipeline or the IDE that we have."
"I don't believe you can have metrics of code quality based upon code analysis. I don't think it's possible for a computer to do it."
"Their dashboarding is very limited. They can improve their dashboards for multiple areas, such as security review, maintainability, etc. They have all this information, so they should publish all this information on the dashboard so that the users can view the summary and then analyze it further. This is something that I would like to see in the next version."
GitGuardian Public Monitoring is ranked 27th in Application Security Tools with 2 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. GitGuardian Public Monitoring is rated 9.0, while SonarQube is rated 8.0. The top reviewer of GitGuardian Public Monitoring writes "Helps us prioritize remediation tasks efficiently, improves our overall security visibility, and is effective in detecting and alerting us to security leaks quickly". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". GitGuardian Public Monitoring is most compared with Snyk, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.