We performed a comparison between Apiiro and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"The workflow automation is likely the best aspect of the solution."
"This has improved our organization because it has helped to find Security Vulnerabilities."
"This solution has the capability to analyze source code in almost all the languages in the market."
"We can create a Quality Gate in order to fail Jenkins jobs where the code coverage is lower than the set percentage."
"Improve the code coverage and evaluates the technical steps and percentage of code being resolved."
"It provides you with many features, as it does with the premium model, but there are still extra features that can be purchased if needed."
"Integrate it into the developers' workbench so that they can bench check their code against what will be done in the server-based audit version."
"The static code analysis is very good."
"We have worked with the support from SonarQube and we have had good experiences."
"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"User management is a little bit clunky."
"This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced."
"I would also like SonarQube to be able to write custom scanning rules. More documentation would be helpful as well because some of our guys were struggling with the customization script."
"We're in the process of figuring out how to automate the workflow for QA audit controls on it. I think that's perhaps an area that we could use some buffing. We're a Kubernetes shop, so there are some things that aren't direct fits, which we're struggling with on the component Docker side. But nothing major."
"We could use some team support, but since we are using the community version, it's not available."
"The scanning part could be improved in SonarQube. We have used Coverity for scanning, and we have the critical issues reported by Coverity. When we used SonarQube for scanning and looked at the results, it seems that some of them have incorrect input. This part can be improved for C and C++ languages."
"When we have a thousand products published over it, we expect it to be more efficient in terms of serving requests from the browser."
"There are limitations to the free version that limit development options as far as languages."
"Currently requires multiple tools, lacking one overall tool."
Apiiro is ranked 21st in Static Application Security Testing (SAST) with 2 reviews while SonarQube is ranked 1st in Static Application Security Testing (SAST) with 110 reviews. Apiiro is rated 8.6, while SonarQube is rated 8.0. The top reviewer of Apiiro writes "A great secrets detection feature, good visibility, and integrates well". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Apiiro is most compared with Snyk, Ox Security, Cycode, Semgrep Supply Chain and Checkmarx One, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Apiiro vs. SonarQube report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.