We performed a comparison between ShiftLeft and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."When it comes to ShiftLeft, the most valuable feature is definitely its ease of use and cost-effectiveness."
"Integrate it into the developers' workbench so that they can bench check their code against what will be done in the server-based audit version."
"The customizable dashboard and ability to include results and coverage from unit test and other static analysis code tools."
"Code Convention: Using the tool to implement some sort of coding convention is really useful and ensures that the code is consistent no matter how many contributors."
"The most valuable function is its usability."
"SonarQube is useful for controlling all of our Azure task tracking and scanning."
"The software quality gate streamlines the product's quality."
"I like the by-default policies that are they, as they seem to cover most of what I need."
"It has very good scalability and stability."
"Having support from senior management is crucial in making it mandatory for teams to collaborate with the security team throughout the development process."
"I would like to see improvements in defining the quality sets of rules and the quality to ensure code with low-performance does not end up in production."
"We had some issues where the Quality Gate check sometimes gets stuck and it is unclear."
"Monitoring is a feature that can be improved in the next version."
"It does not provide deeper scanning of vulnerabilities in an application, on a live session. This is something we are not happy about. Maybe the reason for that is we are running the community edition currently, but other editions may improve on that aspect."
"I would like to see SonarQube implement a good amount of improvements to the product's security features. Another aspect of SonarQube that could be improved is the search functionality."
"For improvement, this solution could be offered on Docker and the cloud and the support for this solution could be improved. Customizing rules could also be made simpler."
"An improvement is with false positives. Sometimes the tool can say there is an issue in your code but, really, you have to do things in a certain way due to external dependencies, and I think it's very hard to indicate this is the case."
"The solution could improve by having better-consulting services."
ShiftLeft is ranked 26th in Application Security Tools with 1 review while SonarQube is ranked 1st in Application Security Tools with 112 reviews. ShiftLeft is rated 10.0, while SonarQube is rated 8.0. The top reviewer of ShiftLeft writes "Effectively in identify and fix bugs early in the development lifecycle". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". ShiftLeft is most compared with Black Duck, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and GitHub Advanced Security.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.