• Home
  • Semmle LGTM vs. SonarQube

Semmle LGTM vs SonarQube comparison

Cancel
You must select at least 2 products to compare!
Semmle Logo

Semmle LGTM

218 views|125 comparisons
Sonar Logo

SonarQube

Read 108 SonarQube reviews
9,293 views|7,283 comparisons
80% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Semmle LGTM and SonarQube based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Snyk, CAST and others in Software Development Analytics.
Featured Review
Use Semmle LGTM?
Anonymous User
Code quality assurance solution that supports many coding languages
This solution has helped with the integration and building of our CICD pipeline. Without any scans or assessments, the pipeline and build are not... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pricing and Cost Advice
Information Not Available
  • "This is open source."
  • "We did not purchase a license (required for C++ support), but this option was considered."
  • "Get the paid version which allows the customized dashboard and provides technical support."
  • "People can try the free licenses and later can seek buying plugins/support, etc. once they started liking it."
  • "This product is open source and very convenient."
  • "The licence is standard open source licensing"
  • "The price point on SonarQube is good."
  • "Some of the plugins that were previously free are not free now."

    • More SonarQube Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Software Development Analytics solutions are best for your needs.
    See Recommendations
    768,740 professionals have used our research since 2012.
    Questions from the Community
    Ask a question

    Earn 20 points

    Is SonarQube the best tool for static analysis?
    Top Answer:I am not very familiar with SonarQube and their solutions, so I can not answer But if you are asking me about which tools that are the best for for Static Code Analysis, I suggest you have  a look… more »
    Read all 10 answers   →
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    How would you decide between Coverity and Sonarqube?
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    Ranking
    5th
    out of 10 in Software Development Analytics
    Views
    218
    Comparisons
    125
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    1st
    out of 10 in Software Development Analytics
    Views
    9,293
    Comparisons
    7,283
    Reviews
    19
    Average Words per Review
    391
    Rating
    8.0
    Comparisons
    More Semmle LGTM Competitors   →
    Checkmarx One logo
    Checkmarx One vs. SonarQube
    Compared 21% of the time.
    SonarCloud logo
    SonarCloud vs. SonarQube
    Compared 13% of the time.
    Coverity logo
    Coverity vs. SonarQube
    Compared 11% of the time.
    Veracode logo
    Veracode vs. SonarQube
    Compared 10% of the time.
    Snyk logo
    Snyk vs. SonarQube
    Compared 7% of the time.
    More SonarQube Competitors   →
    Also Known As
    Sonar
    Learn More
    Semmle
    Video Not Available
    Sonar
    Interactive Demo
    Semmle
    Demo Not Available
    Sonar
    Watch a demo
    Overview

    LGTM Enterprise combines the trusted, tried, and tested Semmle analyses with an intuitive web application that is easy to set up and use, and includes integrations with a variety of software development tools. LGTM Enterprise provides engineering analytics to everybody involved in the software development process through a variety of interfaces: ranging from line-by-line alerts in our built-in code browser and seamless integration through automated code review for pull requests, to aggregated high-level analytics in Tableau and Qlikview workbooks for managers, directors, and executives. With LGTM Enterprise, Semmle offers a complete software engineering analytics solution in a single product that integrates seamlessly in a variety of development environments.

    SonarQube is a self-managed open-source platform that helps developers create code devoid of quality and vulnerability issues. By integrating seamlessly with the top DevOps platforms in the Continuous Integration (CI) pipeline, SonarQube continuously inspects projects across multiple programming languages, providing immediate status feedback while coding. SonarQube’s quality gates become part of your release pipeline, displaying pass/fail results for new code based on quality profiles you customize to your company standards. Following Sonar’s Clean as You Code methodology guarantees that only software of the highest quality makes it to production.

    At its core, SonarQube includes a static code analyzer that identifies bugs, security vulnerabilities, hidden secrets, and code smells. The platform guides you through issue resolution, fostering a culture of continuous improvement. SonarQube’s comprehensive reporting is a valuable tool for dev teams to monitor their codebase's overall health and quality across multiple projects in their portfolio. With SonarQube, you can achieve a state of Clean Code, leading to secure, reliable, and maintainable software.

    Sonar is the only solution combining the power of industry-leading software quality analysis with static application security testing (SAST) and real-time coding guidance in the IDE (with SonarLint) to meet the DevOps and DevSecOps demand of putting agility, automation, and security in the hands of developers. Further accelerate DevOps continuous integration by helping developers find and fix issues in code before the software testing stage, reducing the churn of finding, fixing, rebuilding, and retesting your app.

    With over 5,000 Clean Code rules, SonarQube analyzes 30+ of the most popular programming languages, including dozens of frameworks, the top DevOps platforms (GitLab, GitHub, Azure DevOps, and Bitbucket, and more), and the leading infrastructure as code (IaC) platforms.

    SonarQube is the most trusted static code analyzer used by over 7 million developers and 400,000 organizations globally to clean over half a trillion lines of code.

    Sample Customers
    Microsoft, NASA, Nasdaq, BlackLine, Murex
    Top Industries
    No Data Available
    REVIEWERS
    Computer Software Company30%
    Financial Services Firm21%
    Comms Service Provider7%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Manufacturing Company11%
    Government6%
    Company Size
    No Data Available
    REVIEWERS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise71%

    Semmle LGTM is ranked 5th in Software Development Analytics while SonarQube is ranked 1st in Software Development Analytics with 108 reviews. Semmle LGTM is rated 0.0, while SonarQube is rated 8.0. On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Semmle LGTM is most compared with , whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.

    See our list of best Software Development Analytics vendors.

    We monitor all Software Development Analytics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.