We performed a comparison between Polyspace Code Prover and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The outputs are very reliable."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"The product detects memory corruptions."
"When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"Polyspace Code Prover is a very user-friendly tool."
"Any developer can easily identify issues using the process flow or steps provided by SonarQube. In terms of integration, SonarQube makes it quite easy, simplifying the steps for users."
"It's enabled us to improve software quality and help us to disseminate best practices."
"If you want to have your code scanned and timed then this is a good tool."
"Strong code evaluation for budget-minded clients."
"It assists during the development with SonarLint and helps the developer to change his approach or rather improve his coding pattern or style. That's one advantage I've seen. Another advantage is that we can customize the rules."
"It provides the security that is required from a solution for financial businesses."
"There's plenty of documentation available to users."
"With SonarQube's web interface, it is easy to drill down to see the individual problems, but also to look at the project from above and get the big picture, with possible larger problem areas."
"Using Code Prover on large applications crashes sometimes."
"Automation could be a challenge."
"The tool has some stability issues."
"I'd like the data to be taken from any format."
"One of the main disadvantages is the time it takes to initiate the first run."
"We had some issues where the Quality Gate check sometimes gets stuck and it is unclear."
"I am not very pleased with the technical debt computation."
"After scanning our code and generating a report, it would be helpful if SonarQube could also generate a solution to fix vulnerabilities in the report."
"I would like to see dynamic code analysis in the next version of the software."
"In terms of analysis and findings, other tools provide more in-depth insights and detailed steps to mitigate or handle issues."
"The solution could improve by having better-consulting services."
"When we have a thousand products published over it, we expect it to be more efficient in terms of serving requests from the browser."
"Dynamic scanning is missing and there are some issues with security scanning."
Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews while SonarQube is ranked 1st in Application Security Tools with 112 reviews. Polyspace Code Prover is rated 7.6, while SonarQube is rated 8.0. The top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Polyspace Code Prover is most compared with Coverity, Klocwork, CodeSonar, Parasoft SOAtest and GitLab, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Polyspace Code Prover vs. SonarQube report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.