We performed a comparison between SonarQube and Trustwave App Scanner [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."We've configured it to run on each commit, providing feedback on our software quality. ]"
"The most valuable features are the segregation containment and the suspension of product services."
"Strong code evaluation for budget-minded clients."
"When comparing other static code analysis tools, SonarQube has fewer false-positive issues being reported. They have a lot of support for different tech stacks. It covers the entire developer community which includes Salesforce or it could be the regular Java.net project. It has actually sufficed all the needs in one tool for static code analysis."
"The most valuable features are the wide array of languages, multiple languages per project, the breakdown of bugs, and the description of vulnerabilities and code smells (best practices)."
"This solution has the capability to analyze source code in almost all the languages in the market."
"It provides the security that is required from a solution for financial businesses."
"The software quality gate streamlines the product's quality."
"The stability is great. We haven't had any issues at all with it."
"SonarQube needs to improve its support model. They do not work 24/7, and they do not provide weekend support in case things go wrong. They only have a standard 8:00 am to 5:00 pm support model in which you have to raise a support ticket and wait. The support model is not effective for premium customers."
"SonarQube could improve by adding automatic creation of tasks after scanning and more support for the Czech language."
"The BPM language is important and should be considered in SonarQube."
"I am not very pleased with the technical debt computation."
"During the setup process, we only had one issue related to the number of available files. To perform the analysis, you have quite a lot of available file handles, so we had to increase that limit."
"The solution could improve by having better-consulting services."
"I find it is light on the security side."
"You may need to purchase add-ons to get the useability you desire."
"I would like to see a little more flexibility with regards to setting up profiles for vulnerabilities."
Earn 20 points
SonarQube is ranked 1st in Application Security Tools with 110 reviews while Trustwave App Scanner [EOL] doesn't meet the minimum requirements to be ranked in Application Security Tools. SonarQube is rated 8.0, while Trustwave App Scanner [EOL] is rated 7.6. The top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". On the other hand, the top reviewer of Trustwave App Scanner [EOL] writes "It helps us troubleshoot failed scans and incomplete statuses". SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk, whereas Trustwave App Scanner [EOL] is most compared with .
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.