We performed a comparison between Polyspace Code Prover and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The outputs are very reliable."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"The product detects memory corruptions."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"Polyspace Code Prover is a very user-friendly tool."
"Engineers have also learned from the results and have improved themselves as engineers. This will help them with their careers."
"The SonarQube dashboard looks great."
"SonarQube is good for checking and maintaining code quality."
"The code coverage feature is very good."
"Issue Explanations: Documentation with detailed samples. Helps in growing technical knowledge and re-writing logic to conforming solutions."
"This solution is simple to use and can be quickly deployed."
"The overall quality of the indicator is good."
"The most valuable feature is the security hotspot feature that identifies where your code is prone to have security issues."
"The tool has some stability issues."
"Automation could be a challenge."
"Using Code Prover on large applications crashes sometimes."
"One of the main disadvantages is the time it takes to initiate the first run."
"I'd like the data to be taken from any format."
"I think the code security can be improved."
"It does not provide deeper scanning of vulnerabilities in an application, on a live session. This is something we are not happy about. Maybe the reason for that is we are running the community edition currently, but other editions may improve on that aspect."
"One thing to improve would be the integration. There is a steep learning curve to get it integrated."
"A better design of the interface and add some new rules."
"A robust credential scanner would be a huge bonus as it would remove the need for yet another niche product."
"Technical support and the price could be better."
"If you don't have any experience with the configuration or how to configure the files, it can be complicated."
"We had some issues where the Quality Gate check sometimes gets stuck and it is unclear."
Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews while SonarQube is ranked 1st in Application Security Tools with 108 reviews. Polyspace Code Prover is rated 7.6, while SonarQube is rated 8.0. The top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Polyspace Code Prover is most compared with Coverity, Klocwork, CodeSonar, Parasoft SOAtest and Veracode, whereas SonarQube is most compared with Checkmarx, SonarCloud, Coverity, Veracode and Snyk. See our Polyspace Code Prover vs. SonarQube report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.