We performed a comparison between Check Point CloudGuard WAF and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It offers high performance and improved productivity for users."
"The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps."
"The tool helps us to block IPs and applications."
"User attitude reviews help us keep all online users compliant with company regulations and policies."
"By using a cloud application security solution, our company can save costs by reducing the need for additional security hardware and software and improving operational efficiency."
"The features I have found most valuable are the comprehensive threat prevention capabilities, automated policy management, and seamless integration with cloud environments."
"We have not had any incidents. We could realize its benefits immediately. We watched and monitored the traffic, and it was amazing to see the results."
"The solution offers continuous security monitoring and alerting, which can help organizations detect and respond to security incidents in real time."
"I like that it has a better dashboard compared to Clockwork. It's also stable."
"It's a great product. If you are in a hurry and just want to focus on the functional requirements of any kind of project, SonarQube is highly helpful. It enables the developers to code securely. SonarQube has a Community edition, which is open source and free. There are also three proprietary or paid versions: Enterprise edition, Data Center edition, and Developer edition."
"The most valuable features are the analysis and detection of issues within the application code."
"It has very good scalability and stability."
"With SonarQube's web interface, it is easy to drill down to see the individual problems, but also to look at the project from above and get the big picture, with possible larger problem areas."
"The solution can verify vulnerabilities, code smells, and hotspots. It makes the software more secure and it helps make a junior or novice developer sharper."
"Some of the most valuable features have been the latest up-to-date of the OWASP, the monitoring, the reporting, and the ease of use with the IDE plugins, in terms of integration."
"Strong code evaluation for budget-minded clients."
"For the next release, I would suggest considering features like enhanced threat intelligence integration."
"I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service."
"The documentation needs to be updated, more improved, and simplified... so that even a beginner can start with this application. It can make things more beginner-friendly."
"Improving the process for handling licensing renewals would be a welcome enhancement."
"We would like to have a solution of this type for the administration of applications from mobile devices."
"The documentation of each of the tools that they offer needs to be better."
"The coding configurations can be simplified to save time for IT teams and developers."
"I have encountered issues with Check Point CloudGuard Application Security's technical support. It also has missing configuration features."
"There are times that we have the database crash. However, this might be an issue with how we have configured it and not a software issue. Apart from this, I do not see any issues with the solution."
"A better design of the interface and add some new rules."
"Having performance regression would be a helpful add on or ability to be able to do during the scan."
"The implementation of the solution is straightforward. However, we did have some initial initialization issues at the of the projects. I don't think it was SonarQube's fault. It was the way it was implemented in our organization because it's mainly integrated with many software, such as Jira, Confluence, and Butler."
"It requires advanced heuristics to recognize more complex constructs that could be disregarded as issues."
"It would be a great add-on if SonarQube could update its database for vulnerabilities or plugging parts."
"If you don't have any experience with the configuration or how to configure the files, it can be complicated."
"There is no automation. You need to put the code there and test. You then pull the results and put them back in the development environment. There is no integration with the development environment. We would like it to be integrated with our development environment, which is basically the CI/CD pipeline or the IDE that we have."
Check Point CloudGuard WAF is ranked 11th in Application Security Tools with 30 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Check Point CloudGuard WAF is rated 9.0, while SonarQube is rated 8.0. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Check Point CloudGuard WAF is most compared with Checkmarx One, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Check Point CloudGuard WAF vs. SonarQube report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.