Rapid7 AppSpider vs SonarCloud comparison

Cancel
You must select at least 2 products to compare!
Rapid7 Logo
1,380 views|1,011 comparisons
Sonar Logo
9,825 views|7,160 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Rapid7 AppSpider and SonarCloud based on real PeerSpot user reviews.

Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Rapid7 AppSpider vs. SonarCloud Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines.""It is really accurate and the rate of false positives is very low.""Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements.""It scans all the components developed within a web application.""When it is set up properly, it can do scanning on web apps with multiple engines automatically.""I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us.""What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions.""The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."

More Rapid7 AppSpider Pros →

"For what it is meant to do, it works pretty well.""The solution provides continuous code analysis which has improved the quality of our code. It can raise alarms on vulnerabilities with immediate reports on the dashboard. Few things are false positives and we can customize the rules.""The reports from SonarCloud are very good.""Recently, they introduced support for mono reports and microservices, which is a noteworthy development as it provides a more detailed view of each service.""The most valuable features of SonarCloud are the ability to discover vulnerabilities, security weak points, security hotspots, and all the feedback that comes into the feature branch. You can deploy the code with the security, you can eliminate the problem at the developer level rather than identifying the problem in the productions.""SonarCloud is overall a good tool for identifying code smells, bugs, and code duplication, but we've found that using Android Lint is more effective for our needs.""The most valuable feature of SonarCloud is its overall performance.""I'm not implementing the solutions. However, I've talked to the people who deploy the tools, and they are happy with how easy setting up SonarCloud is."

More SonarCloud Pros →

Cons
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan.""The solution is too slow. It could take a full day to scan. Competitors are much faster.""One of the challenges I have with AppSpider is that it gives you a lot of false positives, especially when compared to other solutions.""The enterprise interface is too simple. It should be more customizable.""The tech support is responsive but issues remain unresolved.""AppSpider has some problems with the RAM needed while scanning.""This price of this solution is a little bit expensive.""The performance of the solution could improve. When I compare the speed it is slower than others on the market. There are some tricks we use to help speed up the solution."

More Rapid7 AppSpider Cons →

"It would be helpful if notifications could go out to an extra person.""I've been told by the developers that the solution is too limited. It's not testing enough within the containers.""CI/CD pipeline is part of a whole chain of design, development, and production, and it's becoming increasingly crucial to optimize the various tools across different stages. However, it's still a silo approach because the full integration is missing. This isn't just an issue with SonarCloud. It's a general problem with tooling.""SonarCloud can improve the false positives. Sometimes the gates sometimes act a little weird. We then need to manually go and mark the false positive.""There's room for improvement in the configuration process, particularly during the initial setup phase.""The reports could improve by providing more information. We are not able to use the reports in our operation until they are improved. Additionally, if the vendor provided more customization capabilities it would be a benefit.""SonarCloud's UI needs enhancement.""The documentation needs improvement on optimizing build time for seamless CI/CD integration with our Android apps."

More SonarCloud Cons →

Pricing and Cost Advice
  • "It is expensive if you want to buy the Enterprise version that is able to scan multiple applications at once."
  • "The price is pretty fair."
  • "The licensing cost depends on the number of users."
  • "AppSpider is closed-source software and you need to acquire a license in order to use it."
  • "The price of Rapid7 AppSpider cost 9,000 annually but there is limited usage. Large companies are able to negotiate a better price or a better deal for the usage with the vendor."
  • More Rapid7 AppSpider Pricing and Cost Advice →

  • "The price of SonarCloud could be less expensive. We are using the community version and the price should be more reasonable."
  • "The price of SonarCloud is not expensive, it goes by the lines of code. 1 million lines per code are approximately 4,000 USD per year. If you need 2 million lines of code you would double the annual cost."
  • "I am using the free version of the solution."
  • "I rate the pricing a five out of ten."
  • "While not extremely cheap, it aligns well with market standards and offers good value."
  • "The current pricing is quite cheap."
  • More SonarCloud Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all… more »
    Top Answer:The price of Rapid7 AppSpider cost 9,000 annually but there is limited usage. Large companies are able to negotiate a better price or a better deal for the usage with the vendor. The price of the… more »
    Top Answer:The performance of the solution could improve. When I compare the speed it is slower than others on the market. There are some tricks we use to help speed up the solution.
    Top Answer:Recently, they introduced support for mono reports and microservices, which is a noteworthy development as it provides a more detailed view of each service.
    Top Answer:I would rate the price an eight out of ten because it's reasonable. While not extremely cheap, it aligns well with market standards and offers good value. It's an all-inclusive package where you pay a… more »
    Top Answer:There's room for improvement in the configuration process, particularly during the initial setup phase. Setting up features like mono reports can be challenging, and the existing documentation could… more »
    Ranking
    Views
    1,380
    Comparisons
    1,011
    Reviews
    3
    Average Words per Review
    429
    Rating
    7.3
    Views
    9,825
    Comparisons
    7,160
    Reviews
    8
    Average Words per Review
    524
    Rating
    8.4
    Comparisons
    Also Known As
    AppSpider
    Learn More
    Interactive Demo
    Rapid7
    Demo Not Available
    Overview

    SPAs, APIs, mobile—the evolution of application technology is measured in months, not years. Is your web application security testing tool designed to keep up? AppSpider lets you collect all the information needed to test all the apps so that you aren’t left with gaping application risks.

    Our dynamic application security testing (DAST) solution crawls to the deepest, darkest corners of even the most modern and complex apps to effectively test for risk and get you the insight you need to remediate faster. With AppSpider on your side (or, rather, all of your sides), you’ll be able to scan all the apps today and always be ready for whatever comes next.

    SonarCloud is a cloud-based alternative of the SonarQube platform, offering continuous code quality and security analysis as a service. SonarCloud integrates seamlessly with popular version control and CI/CD platforms such as GitHub, Bitbucket, and Azure DevOps. It provides static code analysis to identify and help remediate issues such as bugs and security vulnerabilities. SonarCloud enables developers to receive immediate feedback on their code within their development environment, facilitating the maintenance of high-quality code standards, and promoting a culture of continuous improvement in software development projects. It helps produce software that is secure, reliable, and maintainable. SonarCloud is free for open-source projects and is offered as a paid subscription for private projects, priced per lines of code.

    Sample Customers
    Microsoft
    Top Industries
    REVIEWERS
    Financial Services Firm33%
    University33%
    Comms Service Provider33%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm15%
    Government8%
    Healthcare Company6%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm9%
    Manufacturing Company8%
    Healthcare Company5%
    Company Size
    REVIEWERS
    Small Business54%
    Midsize Enterprise15%
    Large Enterprise31%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise15%
    Large Enterprise66%
    REVIEWERS
    Small Business56%
    Midsize Enterprise33%
    Large Enterprise11%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise19%
    Large Enterprise58%
    Buyer's Guide
    Rapid7 AppSpider vs. SonarCloud
    March 2024
    Find out what your peers are saying about Rapid7 AppSpider vs. SonarCloud and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews while SonarCloud is ranked 10th in Application Security Testing (AST) with 10 reviews. Rapid7 AppSpider is rated 7.8, while SonarCloud is rated 8.4. The top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". On the other hand, the top reviewer of SonarCloud writes "Beneficial vulnerability discovery, simple to maintain, and proactive support". Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Tenable.io Web Application Scanning and Invicti, whereas SonarCloud is most compared with SonarQube, Veracode, Checkmarx, OWASP Zap and GitLab. See our Rapid7 AppSpider vs. SonarCloud report.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.