We performed a comparison between Contrast Security Protect and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution has excellent real-time capabilities."
"The product gives a few false positives. We get 99 percent true positives."
"Protect provides us with more in-depth visibility into ongoing attacks."
"SonarQube is good for checking and maintaining code quality."
"We use this solution for qualitative coding. We make use of the SonarLint plugin as well as the dashboard."
"We can create a Quality Gate in order to fail Jenkins jobs where the code coverage is lower than the set percentage."
"The reporting and the results are quick. It gets integrated within the pipeline well."
"The most valuable feature of SonarQube I have found to be the configuration that has allowed us to can make adjusts to the demands of the code review. It gives a specified classification regarding the skill, prioritization, and it is easy for me to review and make my code."
"I like that it's easy to navigate not just in terms of code findings but you can actually see them in the context of your source code because it gives you a copy of your code with the items that it found and highlights them. You can see it directly in your code, so you can easily go back and make the corrections in the code. It basically finds the problems for you and tells you where they are."
"Some of the most valuable features have been the latest up-to-date of the OWASP, the monitoring, the reporting, and the ease of use with the IDE plugins, in terms of integration."
"All the features of the solution are quite good."
"Contrast Security Protect needs to improve integration."
"There's room for improvement in the initial setup."
"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
"A robust credential scanner would be a huge bonus as it would remove the need for yet another niche product."
"Ease of use/interface."
"It would be better if SonarQube provided a good UI for external configuration."
"SonarQube could be improved by implementing inter-procedural code analysis capabilities, allowing for a more comprehensive detection of defects and vulnerabilities across the entire codebase."
"Currently requires multiple tools, lacking one overall tool."
"The product's pricing could be lower."
"A better design of the interface and add some new rules."
"Our developers have complained about the Quality Gates and the number of false positives that this product reports."
Contrast Security Protect is ranked 32nd in Application Security Tools with 3 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Contrast Security Protect is rated 8.4, while SonarQube is rated 8.0. The top reviewer of Contrast Security Protect writes "It provides us with more in-depth visibility into ongoing attacks". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Contrast Security Protect is most compared with Fortify on Demand, Snyk, Tenable.io Web Application Scanning, Sonatype Lifecycle and HCL AppScan, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Contrast Security Protect vs. SonarQube report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.