We performed a comparison between Digital.ai Application Security and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."I used the tool to prepare for the interview as a Business Developer. It helped me improve my understanding on software security."
"With SonarQube's web interface, it is easy to drill down to see the individual problems, but also to look at the project from above and get the big picture, with possible larger problem areas."
"We use this solution for qualitative coding. We make use of the SonarLint plugin as well as the dashboard."
"The customizable dashboard and ability to include results and coverage from unit test and other static analysis code tools."
"We are using the Community edition. So, we don't have to incur any licensing costs. This is the best part."
"Using SonarQube has helped us to identify areas of technical debt to work on, resulting in better code, fewer vulnerabilities, and fewer bugs."
"The static code analysis of the solution is the most important aspect for us. When it comes to security breaches within the code, we can leverage some rules to allow us to identify the repetition in our code and the possible targets that we may have. It makes it very easy to review our code for security purposes."
"Some of the most valuable features have been the latest up-to-date of the OWASP, the monitoring, the reporting, and the ease of use with the IDE plugins, in terms of integration."
"I like that it's easy to navigate not just in terms of code findings but you can actually see them in the context of your source code because it gives you a copy of your code with the items that it found and highlights them. You can see it directly in your code, so you can easily go back and make the corrections in the code. It basically finds the problems for you and tells you where they are."
"I would like the tool to integrate AI and automation that is dedicated to detecting software vulnerabilities."
"New plug-ins should be integrated into SonarCloud to give more flexibility to the product."
"There isn't a very good enterprise report."
"The product needs to integrate other security tools for security scanning."
"Ease of use/interface."
"SonarQube can improve by scanning the internal library which currently it does not do. We are looking for a solution for this."
"Technical support and the price could be better."
"The learning curve can be fairly steep at first, but then, it's not an entry-level type of application. It's not like an introduction to C programming. You should know not just C programming and how to make projects but also how to apply its findings to the bigger picture. I've had users who said that they wish it was easier to understand how to configure, but I don't know if that's doable because what it's doing is a very complicated thing. I don't know if it is possible to make a complicated thing trivially simple."
"In the next release, I would like to have notifications because now, it is a bit difficult. I think that's a feature which we could add there and it would benefit the users as well. For every full request, they should be able to see their bugs or vulnerability directly on the surface."
Digital.ai Application Security is ranked 36th in Application Security Tools with 1 review while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Digital.ai Application Security is rated 6.0, while SonarQube is rated 8.0. The top reviewer of Digital.ai Application Security writes "Helps to improve knowledge on software security ". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Digital.ai Application Security is most compared with PortSwigger Burp Suite Professional and Fortify Application Defender, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.