SonarQube, a core component of the Sonar solution, is an open-source, self-managed tool that systematically helps developers and organizations deliver Clean Code. SonarQube integrates into the developers' CI/CD pipeline and DevOps platform to detect and help fix issues in the code while performing continuous inspections of projects. Learn more: https://www.sonarsource.com/
This product is open source and very convenient.
This is open source.
Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.
Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background.
The pricing is pretty high.
Checkmarx is a highly accurate and flexible static code analysis product that allows organizations to automatically scan uncompiled code and identify hundreds of security vulnerabilities in all major coding languages and software frameworks. Checkmarx is available as a standalone product and can be effectively integrated into the software development lifecycle (SDLC) to streamline vulnerability detection and remediation. Checkmarx is trusted by leading organizations such as SAP, Samsung, and Salesforce.com.
The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security.
I believe pricing is better compared to other commercial tools.
Apigee is a platform for developing and managing APIs. Apigee offers an interface for your core services by wrapping them with a proxy layer which is then accessed by other developers. With Apigee, you can design and build APIs and then securely share their services and data without exposing any code.
As most of the customers say, the tool is a bit expensive.
Since it was acquired by Google, we can get a license based on our requirements and the cost level will depend on cloud access and support.
GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster.
I think that we pay approximately $100 USD per month.
The price is okay.
Tricentis Tosca is a continuous testing platform that uses the industry’s most innovative functional testing technologies. Unlike traditional testing technologies, which are siloed and can allow for integration risks that are likely to derail end-to-end processes, Tricentis Tosca accelerates testing across the enterprise to keep pace with Agile and DevOps and helps enterprise teams to achieve 90%+ test automation rates, thereby enabling them to deliver fast and continuous feedback.
It is an expensive tool compared to other test automation tools. It has a lot of advantages over other tools.
Expensive, but for long-term projects, it is paying back.
Apache JMeter is an open-source Java application that tests load and functional behavior and performance in applications. Created initially to test web applications, it has expanded its functionality to test other functions. For instance, you can test a server to see how efficiently it works and how many user requests can be handled simultaneously.
Free
This is an open-source solution, and there are no fees.
Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.
The price of this solution is negotiable, depending on the size of the organization.
Coverity is quite expensive.
It's an expensive solution.
It took about five years to break even. UFT is costly.
Fortify on Demand is a web application security testing tool that enables continuous monitoring. The solution is designed to help you with security testing, vulnerability management and tailored expertise, and is able to provide the support needed to easily create, supplement, and expand a software security assurance program without the need for additional infrastructure or resources.
We used the one-time application, Security Scan Dynamic. I believe the original fee was $8,000.
Buying a license would be feasible for regular use. For intermittent use, the cloud-based option can be used (Fortify on Demand).
Postman's Tools Support Every Stage of the API Lifecycle. Through design, testing and full production, Postman is there for faster, easier API development - without the chaos.
It is free.
We are currently using the free version, but we have plans to buy a license.
Katalon Studio is a regression testing tool that enables you to go low-code, boost productivity, and ease scalability. It is suitable for all platforms and operating systems, regardless of application complexity. The software is built on top of the open-source automation frameworks Selenium and Appium, with a specialized IDE interface for web, API, mobile, and desktop application testing. As a robust automation tool, Katalon Studio lets you run automated tests of UI elements, including pop-ups, iFrames, and wait time. The solution is ideal for both large and small organizations.
There is no cost for setup or licensing.
This product is freeware, so there is no charge for using it.
Burp Suite Professional, by PortSwigger, is the world’s leading toolkit for web security testing. Over 52,000 users worldwide, across all industries and organization sizes, trust Burp Suite Professional to find more vulnerabilities, faster. With expertly-engineered manual and automated tooling, you're able to test smarter - not harder.
This is a value for money product.
The cost is approximately $500 for a single license, and there are no additional costs beyond the standard licensing fees.
What is SmartBear TestComplete?
The product is becoming more and more expensive.
My advice so far is that while it’s not quite as powerful and easy to use as UFT, its price tag more than makes up for it.
Selenium HQ is an umbrella project that includes a number of tools and frameworks that allow for web browser automation. In particular, Selenium offers a framework for the W3C WebDriver specification, a platform- and language-neutral coding interface that works with all of the main web browsers.
Since it is open source, it is free to use. However, my company sees it as the future of load testing.
It's open-source, so there's no need to pay for a license.
OpenText LoadRunner Professional is a performance testing tool used for various software applications, including web-related use cases, API testing, and enterprise performance modeling. Its valuable features include quick test case creation and execution, graph monitoring, multiple protocols, scripting and executing tests, scalability, easy setup, auto-correlation, analysis and reporting capabilities, stability, reliability, and compatibility with various programming languages.
The cost depends greatly on the needs of the testing engagement.
I would still consider LoadRunner as an expensive tool and you get a LoadRunner and the Performance Center.
IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.
AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost.
With the features that they offer and the support they offer, AppScan pricing is on a higher level.
Sauce Labs is a functional testing tool that ensures your apps and websites work flawlessly on every browser, OS, and device. The solution allows you to automate functional testing on multiple operating systems and browsers, emulating the way that a user would use the website. With Sauce Labs, you can also run tests on various operating system and browser combinations in parallel, reducing the amount of time to get results. The Sauce Labs solution provides enterprise-grade security, scalability, and reliability.
We have an enterprise account; it has worked great for our needs.
Try the free trial and work with a Sauce Labs representative to see what package works best for your application(s).
ReadyAPI is an all-in-one automated testing platform that allows teams to create, manage, and execute automated functional, security, and performance tests in one centralized interface.
This is a cheap solution when you consider the money that will be saved in testing.
There are costs in addition to the licensing fee. For example, if you want to add the load testing you would pay more.
The cost is not that bad.
I think the number of users is also limited, considering how much we pay.
Klocwork detects security, safety, and reliability issues in real-time by using this static code analysis toolkit that works alongside developers, finding issues as early as possible, and integrates with teams, supporting continuous integration and actionable reporting.
Klocwork should not be quite so heavy-handed on the licensing for very specific programs.
Licensing fees are paid annually, but they also have a perpetual license.
Reliable GUI Test Automation that works.
The price could be better. I believe each developer license costs about 6000 or 7000 Euros per year.
For the cloud services option, you buy a subscription per account or per user. This costs around $52 a month per person.
I think that the pricing is quite good.
Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production.
The solution is expensive.
The product's pricing is low. I would rate it a two out of ten.
Polyspace Code Prover is a sound static analysis tool that proves the absence of overflow, divide-by-zero, out-of-bounds array access, and certain other run-time errors in C and C++ source code. It produces results without requiring program execution, code instrumentation, or test cases. Polyspace Code Prover uses semantic analysis and abstract interpretation based on formal methods to verify software interprocedural, control, and data flow behavior. You can use it on handwritten code, generated code, or a combination of the two. Each operation is color-coded to indicate whether it is free of run-time errors, proven to fail, unreachable, or unproven.