We performed a comparison between Digital.ai Application Security and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."I used the tool to prepare for the interview as a Business Developer. It helped me improve my understanding on software security."
"We have the software metrics that SonarQube gives us, which is something we did not have before. This helps us work towards aiming coding standards to empower us to move in the direction of better code quality. SonarQube provides targets and metrics for that."
"The reporting and the results are quick. It gets integrated within the pipeline well."
"The tool helps us to monitor and manage violations. It manages the bugs and security violations."
"Offers multi-programming language support"
"It's a great product. If you are in a hurry and just want to focus on the functional requirements of any kind of project, SonarQube is highly helpful. It enables the developers to code securely. SonarQube has a Community edition, which is open source and free. There are also three proprietary or paid versions: Enterprise edition, Data Center edition, and Developer edition."
"It is an easy tool that you can deploy and configure. After that you can measure the history of your obligation and integrate it with other tools like GitLab or GitHub or Azure DevOps to do quality code analysis."
"We can create a Quality Gate in order to fail Jenkins jobs where the code coverage is lower than the set percentage."
"It has very good scalability and stability."
"I would like the tool to integrate AI and automation that is dedicated to detecting software vulnerabilities."
"SonarQube is not development-centric like Snyk."
"We had some issues scanning the master branch but when we upgraded to version 7.9 we noticed it does scan the master branch but we had to do a workaround for it to happen. This process could be improved in a future release."
"Lacks sufficient visibility and documentation."
"The solution is a bit lacking on the security side, in terms of finding and identifying vulnerabilities."
"Code security could be better. They are already focusing on it, but I see a lot of improvement opportunities over there. I can see a lot of false positives in terms of security. They need to make the tests more accurate so that the false positives are not detected so frequently. It would also help if they provided us with an installer."
"The interface could be a little better and should be enhanced."
"We could use some team support, but since we are using the community version, it's not available."
"It does not provide deeper scanning of vulnerabilities in an application, on a live session. This is something we are not happy about. Maybe the reason for that is we are running the community edition currently, but other editions may improve on that aspect."
Digital.ai Application Security is ranked 37th in Application Security Tools with 1 review while SonarQube is ranked 1st in Application Security Tools with 112 reviews. Digital.ai Application Security is rated 6.0, while SonarQube is rated 8.0. The top reviewer of Digital.ai Application Security writes "Helps to improve knowledge on software security ". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Digital.ai Application Security is most compared with PortSwigger Burp Suite Professional, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and GitHub Advanced Security.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
