We performed a comparison between Check Point CloudGuard WAF and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It helps us streamline our revenue streams, and we're spending less money on application security."
"The solution's strongest point is that you can connect everything to it, giving you a full view of what's connected."
"The most effective CloudGuard feature for threat prevention is its web app protection."
"We have not had any incidents. We could realize its benefits immediately. We watched and monitored the traffic, and it was amazing to see the results."
"The tool performs device health checkups and updates us. It helps us to be compliant with regulatory policies."
"It is a highly scalable solution with a quick turnaround time for deployment and running of the software across any IT system."
"The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps."
"Its ability to adapt to our applications and ensure our security policies are followed is a big plus."
"SonarQube is good for checking and maintaining code quality."
"The features of SonarQube that I find most valuable for identifying code smells are its comprehensive code analysis capabilities, which cover various aspects of code sustainability."
"With SonarQube's web interface, it is easy to drill down to see the individual problems, but also to look at the project from above and get the big picture, with possible larger problem areas."
"We advise all of our developers to have this solution in place."
"The good thing with SonarQube is it covers a lot of issues, it's a very robust framework."
"SonarQube is one of the more popular solutions because it supports 29 languages."
"I like that it helps us maintain our work quality and code security."
"The most valuable features are that it is user-friendly, easy to access, and they provide good training files."
"I advise proactive threat detection intelligence offline, which can also help monitor and ensure system checks and compliances are in place."
"In terms of features, I do not have any negatives. Their integration is extremely quick. It is better than others I have been involved with in the past. Their pricing model, however, can be better."
"I would like to be able to integrate the theme of Artificial Intelligence to help review issues and to monitor and view the security issue while also suggesting and interpreting and additionally configuring solutions - basically, acting as an interpreter."
"A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection."
"Deeper and more transparent integration between Cloud Application Security and analysis monitoring tools could be very valuable - although the solution currently offers integrations with third-party security tools."
"For the next release, I would suggest considering features like enhanced threat intelligence integration."
"Check Point CloudGuard Application Security needs to improve updates on integrations. It also needs to incorporate real-time monitoring features."
"The coding configurations can be simplified to save time for IT teams and developers."
"Ease of use/interface."
"Having performance regression would be a helpful add on or ability to be able to do during the scan."
"Expression of common vulnerabilities and exposures is not always current."
"If the product could assist us with fixing issues by giving us more pointers then it would help to resolve more of the warnings without such a commitment in terms of time."
"SonarQube is not development-centric like Snyk."
"We had some issues scanning the master branch but when we upgraded to version 7.9 we noticed it does scan the master branch but we had to do a workaround for it to happen. This process could be improved in a future release."
"SonarQube needs to improve its support model. They do not work 24/7, and they do not provide weekend support in case things go wrong. They only have a standard 8:00 am to 5:00 pm support model in which you have to raise a support ticket and wait. The support model is not effective for premium customers."
"After scanning our code and generating a report, it would be helpful if SonarQube could also generate a solution to fix vulnerabilities in the report."
Check Point CloudGuard WAF is ranked 11th in Application Security Tools with 30 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Check Point CloudGuard WAF is rated 9.0, while SonarQube is rated 8.0. The top reviewer of Check Point CloudGuard WAF writes "Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Check Point CloudGuard WAF is most compared with Checkmarx One, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Check Point CloudGuard WAF vs. SonarQube report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.