What is the biggest difference between Checkmarx and SonarQube?

  • 3
  • 205
PeerSpot user

3 Answers

Real User
Feb 4, 2020

SonarQube historically was focused on Code Quality and Best Practices. Recently the enterprise and data center versions provide some security vulnerabilities detection with OWASP compliance. This is not enough. If you are focused on Secure Coding, Checkmarx is much better. Most of the enterprise customers use to work with CheckMarx and SonarQube (free version) together in order to detect Security and Quality/Best Practices Issues.

Product comparison that may be of interest to you
Mar 2, 2021

I’ve always viewed sonarqube as a code quality tool that compliments many code security tools like a checkmarx. 

Real User
Feb 4, 2020

The major difference I have seen between Checkmarx and SonarQube is :

CheckMarx support: Supports a large number of languages and finds a large variety of potential risks.

Apart from this, I don't see any big differences.

Find out what your peers are saying about Checkmarx vs. SonarQube and other solutions. Updated: November 2023.
746,723 professionals have used our research since 2012.
Checkmarx vs. SonarQube comparison
We performed a comparison between SonarQube and Checkmarx based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below. Ease of Deployment: SonarQube's setup is generally considered straightforward, with users finding it simple and quick. Some users said that Checkmarx is easy to set up, while others faced difficulties. Proper documentation and a dedicated team helped make the process smoother....
Download Checkmarx vs. SonarQube comparison ReportRead more

Related Q&As