We changed our name from IT Central Station: Here's why
2021-08-30T12:47:00Z

Which gives you more for your money - SonarQube or Veracode?


Why is one better than the other?

ITCS user
Guest
67 Answers

author avatar
Top 5LeaderboardReal User

We have used SonarQube quite a lot and this is great to check code quality, security hotspots much earlier in the SDLC and fix those. The community edition is free to use, can be used on-premises and is integrated seamlessly with Jenkins and others. The Enterprise and Developer commercial editions offer a lot more rules and functionalities.


Veracode is mostly in space of security testing and amongst the leader in this space. It's a commercial product and has no community edition, to the best of my knowledge. 


Depending on your use cases, you will need both of these areas to be covered through these or other tools.

2021-09-07T04:42:26Z
author avatar
Top 5Vendor

Feels like a false choice to me. They each are trying to do different things as other posters have suggested. What are the outcomes you are looking for?

2021-10-07T18:43:24Z
author avatar
Top 5LeaderboardReal User

Both products in the industry are practiced slightly for different purposes. If you are after the code then SonarQube and if you are after the security then Veracode.

2021-10-05T06:07:16Z
author avatar
Top 20Real User

They are mainly two different products. 


If your goal is to set the quality on code then SonarQube is your answer. 


On the other side, if your main goal is to set high-quality standards in terms of cybersecurity (i.e. both security and compliance with regulations), then Veracode is a better match.

2021-09-06T19:14:29Z
author avatar
User

Klocwork

2021-09-06T17:59:56Z
author avatarEvgeny Belenky
Community Manager

@Akash Singh Singh can you please explain why do you recommend a different product? What are its advantages?

Find out what your peers are saying about SonarQube vs. Veracode and other solutions. Updated: January 2022.
564,322 professionals have used our research since 2012.