Coming October 25: PeerSpot Awards will be announced! Learn more

Sonar Projects

Check out these projects from our community members.
Sonarqube integration with bank Application
Sonarqube 4.0 integration with bank Application. The project was done mainly to give an overview to senior management… more »
Security-Focused and Cost-Effective Google Cloud Infrastructure
Inventify AG is a Swiss software startup, focusing on the development of Software-as-a-Service (SaaS) and cloud… more »

Sonar Questions

Vishal-Goyal - PeerSpot reviewer
Vishal-Goyal
Chief Architect at Peristent Systems
Aug 12 2022
Dear experts, I wanted to check with those who have experience in using both SonarQube Community Edition and SonarQube Enterprise Edition. What real advantages do you see in spending money to procure an enterprise license vs using community edition which is free? I'm aware enterprise provides ...
Read More »
Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
May 29 2022

If you were talking to someone whose organization is considering SonarCloud, what would you say?

How would you rate it and why? Any other tips or advice?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
May 29 2022

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
May 29 2022

Please share with the community what you think needs improvement with SonarCloud.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
May 29 2022

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
May 29 2022

Hi Everyone,

What do you like most about SonarCloud?

Thanks for sharing your thoughts with the community!

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Apr 27 2022

If you were talking to someone whose organization is considering SonarQube, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Apr 27 2022

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Apr 27 2022

Please share with the community what you think needs improvement with SonarQube.

What are its weaknesses? What would you like to see changed in a future version?

reviewer1503354 - PeerSpot reviewer
reviewer1503354Normally, SonarQube gives a quick response for scanning and is easier for… more »
63 Answers
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Apr 27 2022

Hi Everyone,

What do you like most about SonarQube?

Thanks for sharing your thoughts with the community!

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Apr 10 2022

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)

Why is one better than the other?

Vishal-Goyal - PeerSpot reviewer
Vishal-GoyalWe have used SonarQube quite a lot and this is great to check code quality… more »
6 Answers
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Manoj Kumar Kemisetty - PeerSpot reviewer
Manoj Kumar Kemisetty
Sap Advanced Business Application Programming Consultant at Accenture

Hi community members,

Is SonarQube is the best tool for static analysis? Are there any good tools that compete with SonarQube?

Peter Arvedlund - PeerSpot reviewer
Peter ArvedlundI am not very familiar with SonarQube and their solutions, so I can not answer… more »
Purushothaman K - PeerSpot reviewer
Purushothaman KThe static tool we can use is Fortify or IBM Appscan. SonarQube is widely used… more »
Rama Susarla - PeerSpot reviewer
Rama SusarlaSonarQube is one of the widely used and easy-to-use tools.  With some easy… more »
10 Answers
Kit Ted - PeerSpot reviewer
Kit Ted
User at h

I'm currently researching the following two application security tools: Coverity and SonarQube.

Can anyone point me out to main differences between these 2 products?

Thanks for your help!

Malla Reddy Bakka - PeerSpot reviewer
Malla Reddy Bakka
User at a tech services company with 10,001+ employees

I currently work for a global product engineering and lifecycle services partner. 

We are currently evaluating Checkmarx and SonarQube for our PoC. What are the biggest differences between the two? Which would you recommend?

Thanks! I appreciate the help.

Elina Petrovna - PeerSpot reviewer
Elina PetrovnaSonarQube historically was focused on Code Quality and Best Practices. Recently… more »
ManojKumar9 - PeerSpot reviewer
ManojKumar9The major difference I have seen between Checkmarx and SonarQube is… more »
Curtis Yanko - PeerSpot reviewer
Curtis YankoI’ve always viewed sonarqube as a code quality tool that compliments many code… more »
3 Answers
AshokPandey - PeerSpot reviewer
AshokPandey
User at Becton, Dickinson and Company

I work in a large enterprise Healthcare Company. 

We are thinking of buying SonarQube licensing (Developer edition) and need to understand some details of it. Is there anyone I can talk to? 

Donovan Greeff - PeerSpot reviewer
Donovan GreeffSonarQube is an open source tool. The use of the developer edition leads me to… more »
Daniel Hall - PeerSpot reviewer
Daniel HallHi, we still use the community edition and not yet matured to the point where… more »
Russell Rothstein - PeerSpot reviewer
Russell Rothstein@Steven Gomez @Phil Denomme  @Jeff Ingalls @Donovan Greeff  @Kiran Gujju @Daniel… more »
3 Answers
William Hayes - PeerSpot reviewer
William Hayes
User at Securities America
I am looking for pros and cons for the Checkmarx vs SonarQube, in particular regarding: false positives tuning Sonarqube to reduce false positives without introducing false negatives.  I am also wondering if SonarQube could allow developers to delint their code before submitting it to SAS...
Read More »
Donovan Greeff - PeerSpot reviewer
Donovan GreeffMy opinions are my own and do not represent any other entities that I may be or… more »
Durga Gudimetla - PeerSpot reviewer
Durga GudimetlaSonarQube can be used for SAST. However, based on our internal analysis, our… more »
Swapna Ragi - PeerSpot reviewer
Swapna RagiSonarQube depends on completely what you configure the Rules. You will have the… more »
3 Answers
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
One of the most popular comparisons on IT Central Station is Coverity vs SonarQube. People like you are trying to decide which one is best for their company. Can you help them out? What is the biggest difference between Coverity and SonarQube? Which of these two solutions would you recommend to...
Read More »
HungVu - PeerSpot reviewer
HungVuBoth of them are static analytic source tools but SonarQube focus on the quality… more »
1 Answer
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
One of the most popular comparisons on IT Central Station is Fortify on Demand vs SonarQube. People like you are trying to decide which one is best for their company. Can you help them out? What is the biggest difference between Fortify on Demand and SonarQube? Which of these two solutions woul...
Read More »
Nurit Sherman - PeerSpot reviewer
Nurit Sherman
Content Specialist
PeerSpot (formerly IT Central Station)
One of the most popular comparisons on IT Central Station is Kiuwan vs SonarQube. One user says about Kiuwan, "It is the most effective tool for IT procurement managers and directors. It includes technical debt metrics and is action plan oriented to rejected deliveries." Another user says about...
Read More »
Arthur Hicken - PeerSpot reviewer
Arthur HickenIt depends on your role and what you're trying to accomplish. If you're trying… more »
CindyBlake - PeerSpot reviewer
CindyBlakeIt's generally better to test for security early in the SDLC so my choice would… more »
4 Answers
Nurit Sherman - PeerSpot reviewer
Nurit Sherman
Content Specialist
PeerSpot (formerly IT Central Station)
One of the most popular comparisons on IT Central Station is SonarQub and Veracode. People like you are trying to decide which one is best for their company. Can you help them out? Is SonarQube better than Veracode? What is the biggest difference between these two solutions, and which would you...
Read More »
it_user659862 - PeerSpot reviewer
it_user659862Both tools are important and meant for different purpose. Sonarcube for code… more »
it_user797598 - PeerSpot reviewer
it_user797598They are used for two different purposes. If your preference is… more »
Ramesh Karanam - PeerSpot reviewer
Ramesh KaranamI didn't get an opportunity to work on Veracode. However I would like put my… more »
7 Answers
Nurit Sherman - PeerSpot reviewer
Nurit Sherman
Content Specialist
PeerSpot (formerly IT Central Station)
One of the most popular comparisons on IT Central Station is Checkmarx vs SonarQube. One user said about Checkmarx that "It pinpoints the vulnerability in the code and also presents the flow of malicious input across the application." However, a user with experience with SonarQube has said "Wit...
Read More »
it_user150342 - PeerSpot reviewer
it_user150342SonarQube is not really an AppSec tool. It is widely used by developers and has… more »
it_user236706 - PeerSpot reviewer
it_user236706Checkmarx (costly commercial license) is for application security and SonalQube… more »
reviewer557727 - PeerSpot reviewer
reviewer557727SonarQube is a hub for code quality, its own security analysis capabilities are… more »
12 Answers