We performed a comparison between Seeker and SonarQube based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
"We consider it a handy tool that helps to resolve our issues immediately."
"If code coverage is a low number then that's of great value to me."
"It helps our developers work more efficiently as we can identify things in a code prior to it being pushed to where it needs to go."
"SonarQube: Recording of issues over a period of time, with an indication of the addition in the new issues or the reduction of existing issues (which were fixed)."
"The product is simple."
"Can tweak rules and feed them into our build pipelines."
"It provides the security that is required from a solution for financial businesses."
"SonarQube is good for checking and maintaining code quality."
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
"The product provides false reports sometimes."
"The implementation of the solution is straightforward. However, we did have some initial initialization issues at the of the projects. I don't think it was SonarQube's fault. It was the way it was implemented in our organization because it's mainly integrated with many software, such as Jira, Confluence, and Butler."
"I would like to see dynamic code analysis in the next version of the software."
"Although it has Sonar built into it, it is still lacking. Customization features of identifying a particular attack still need to be worked on. To give you an example: if we want to scan and do a false positive analysis, those types of features are missing. If we want to rescan something from a particular point that is a feature that is also missing. It’s in our queue. That will hopefully save a lot of time."
"We had some issues where the Quality Gate check sometimes gets stuck and it is unclear."
"In terms of what can be improved, the areas that need more attention in the solution are its architecture and development."
"After scanning our code and generating a report, it would be helpful if SonarQube could also generate a solution to fix vulnerabilities in the report."
"I am not very pleased with the technical debt computation."
Seeker is ranked 25th in Static Application Security Testing (SAST) with 1 review while SonarQube is ranked 1st in Static Application Security Testing (SAST) with 112 reviews. Seeker is rated 7.0, while SonarQube is rated 8.0. The top reviewer of Seeker writes "More effective than dynamic scanners, but is missing useful learning capabilities". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Seeker is most compared with Synopsys API Security Testing, Coverity, Contrast Security Assess, Polaris Software Integrity Platform and Checkmarx One, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and GitHub Advanced Security.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.