Try our new research platform with insights from 80,000+ expert users

Acunetix vs SonarQube Server (formerly SonarQube) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 30, 2024
 

Categories and Ranking

Acunetix
Ranking in Application Security Tools
18th
Ranking in Static Application Security Testing (SAST)
14th
Average Rating
7.6
Reviews Sentiment
7.3
Number of Reviews
30
Ranking in other categories
Vulnerability Management (20th), DevSecOps (6th)
SonarQube Server (formerly ...
Ranking in Application Security Tools
1st
Ranking in Static Application Security Testing (SAST)
1st
Average Rating
8.0
Number of Reviews
113
Ranking in other categories
Software Development Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of Acunetix is 2.5%, up from 2.3% compared to the previous year. The mindshare of SonarQube Server (formerly SonarQube) is 26.7%, down from 27.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

AnubhavGoswami - PeerSpot reviewer
Oct 7, 2024
Attractive automated reports with boost user productivity and an easy setup
The primary use is mainly related to vulnerability assessment, including both public and internal IP addresses By using this tool, we have reduced the workload and increased the productivity of users. It generates automated reports. This feature is beneficial when sharing reports with clients as…
Wang Dayong - PeerSpot reviewer
May 10, 2023
Easy to integrate and has a plug-in that supports both C and C++ languages
We use the product to review our software codes. We have integrated the product to review our new delivery code When we deliver a code, the solution scans the code and reports whether the code has bugs or any other vulnerability issues. Thus the solution helps us identify issues and improve the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"By integrating with CI/CD tools, it enables a shift-left approach in the development process."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"The solution offers a very good community edition."
"The software quality gate streamlines the product's quality."
"The solution has a wide variety of features and an open-source community that you are able to learn Java, JavaScript, or any other programing language."
"The solution is stable."
"When comparing other static code analysis tools, SonarQube has fewer false-positive issues being reported. They have a lot of support for different tech stacks. It covers the entire developer community which includes Salesforce or it could be the regular Java.net project. It has actually sufficed all the needs in one tool for static code analysis."
"We can create a Quality Gate in order to fail Jenkins jobs where the code coverage is lower than the set percentage."
"The solution has a plug-in that supports both C and C++ languages."
"Using SonarQube has helped us to identify areas of technical debt to work on, resulting in better code, fewer vulnerabilities, and fewer bugs."
 

Cons

"While we do have it integrated with other solutions, it could still offer more integrations."
"Acunetix needs to improve its cost."
"It is difficult to create a proxy connection."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"There's a clear need for a reduction in pricing to make the service more accessible."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"The pricing is a bit on the higher side."
"The learning curve can be fairly steep at first, but then, it's not an entry-level type of application. It's not like an introduction to C programming. You should know not just C programming and how to make projects but also how to apply its findings to the bigger picture. I've had users who said that they wish it was easier to understand how to configure, but I don't know if that's doable because what it's doing is a very complicated thing. I don't know if it is possible to make a complicated thing trivially simple."
"The BPM language is important and should be considered in SonarQube."
"We could use some team support, but since we are using the community version, it's not available."
"One thing to improve would be the integration. There is a steep learning curve to get it integrated."
"The product must improve security analysis."
"The product provides false reports sometimes."
"The product's pricing could be lower."
"During the setup process, we only had one issue related to the number of available files. To perform the analysis, you have quite a lot of available file handles, so we had to increase that limit."
 

Pricing and Cost Advice

"I would say that Acunetix is expensive because there are products on the market with similar features that are equally or better-priced."
"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."
"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."
"All things considered, I think it has a good price/value ratio."
"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
"The solution is expensive."
"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."
"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."
"I requested this license for one million lines of code and they accepted this."
"We are using the Community edition of SonarQube."
"I was using the Community Edition, which is available free of charge."
"I am satisfied with the pricing."
"We use the solution free of cost."
"SonarQube is a fairly affordable solution for a larger scale if you have a specific role or specific department for secure code."
"On the pricing side, it's 3,000 Euros for 1 million lines of code."
"SonarQube price is a little bit higher than Kiuwan's. Kiuwan also gives a little bit of flexibility in terms of pricing."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
814,528 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
13%
Government
9%
Manufacturing Company
8%
Financial Services Firm
17%
Computer Software Company
15%
Manufacturing Company
13%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Acunetix Vulnerability Scanner?
The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code.
What is your primary use case for Acunetix Vulnerability Scanner?
The primary use is mainly related to vulnerability assessment, including both public and internal IP addresses.
What advice do you have for others considering Acunetix Vulnerability Scanner?
I would generally recommend Acunetix to any organization in the IT-enabled sector. However, I have not worked for a non-IT organization, so I cannot comment on that. I'd rate the solution nine out ...
Is SonarQube the best tool for static analysis?
I am not very familiar with SonarQube and their solutions, so I can not answer. But if you are asking me about which tools that are the best for for Static Code Analysis, I suggest you have a look...
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
How would you decide between Coverity and Sonarqube?
We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...
 

Also Known As

AcuSensor
Sonar
 

Learn More

 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Information Not Available
Find out what your peers are saying about Acunetix vs. SonarQube Server (formerly SonarQube) and other solutions. Updated: October 2024.
814,528 professionals have used our research since 2012.