Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard WAF vs SonarQube Server (formerly SonarQube) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 30, 2024
 

Categories and Ranking

Check Point CloudGuard WAF
Ranking in Application Security Tools
10th
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
34
Ranking in other categories
Web Application Firewall (WAF) (14th)
SonarQube Server (formerly ...
Ranking in Application Security Tools
1st
Average Rating
8.0
Number of Reviews
113
Ranking in other categories
Static Application Security Testing (SAST) (1st), Software Development Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of Check Point CloudGuard WAF is 0.1%, up from 0.1% compared to the previous year. The mindshare of SonarQube Server (formerly SonarQube) is 26.7%, down from 27.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Ashish Upadhyay - PeerSpot reviewer
Mar 18, 2024
Automation capabilities also help streamline security processes and smooths down API integration processes and detects API availability
There is room for improvement in the pricing strategy. By reducing their cost and extending the trial period, Check Point can attract more partnerships and customers, keeping up with other vendors in the field. It has a trial period, but they can extend it so we can better evaluate how it's working in our environment and how well it is suited. It should be converted to activate some discounts on buying standard versions. This will attract more of us, and we'll get more time to check the application and how it works. Additionally, their effort to involve IT teams would mean continuous adaptation to meet business requirements. This can help with the price picture and increasing the trial period so we can better evaluate the cost-effectiveness. Also, Check Point need to continue developing new features and arrangements in line with changing business requirements. The analysis time while it analyzes itself is very time-consuming. They need to improve the latency and minimize the steps involved. Also, the documentation needs to be updated, more improved, and simplified... so that even a beginner can start with this application. It can make things more beginner-friendly. Also, Check Point can bring some updates to the integration features with other security solutions, making it easier to integrate. For instance, it needs to integrate with solutions someone might have various firewall solutions from IBM and others, depending on which ones the business wants to integrate with.
Wang Dayong - PeerSpot reviewer
May 10, 2023
Easy to integrate and has a plug-in that supports both C and C++ languages
We use the product to review our software codes. We have integrated the product to review our new delivery code When we deliver a code, the solution scans the code and reports whether the code has bugs or any other vulnerability issues. Thus the solution helps us identify issues and improve the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is a highly scalable solution with a quick turnaround time for deployment and running of the software across any IT system."
"The tool's most valuable feature is AI, which makes operations easier. Moreover, it is easy to deploy."
"One of the best features of CloudGuard WAF is its user-friendly GUI dashboard."
"Its ability to adapt to our applications and ensure our security policies are followed is a big plus."
"The solution offers continuous security monitoring and alerting, which can help organizations detect and respond to security incidents in real time."
"The most effective CloudGuard feature for threat prevention is its web app protection."
"By using a cloud application security solution, our company can save costs by reducing the need for additional security hardware and software and improving operational efficiency."
"It is a very scalable and stable solution."
"The product has a friendly UI that is easy to use and understand."
"The good thing with SonarQube is it covers a lot of issues, it's a very robust framework."
"The initial setup is simple. It requires some security, but it's simple."
"I like that it has a better dashboard compared to Clockwork. It's also stable."
"SonarQube is admin friendly."
"I am only interested in the security features in SonarQube. There are plenty of features other features, such as test coverage, code anomalies, and pointer access are handled by the business logic teams. They get the reports and they have to fix them in JIRA or Bugzilla."
"It helps our developers work more efficiently as we can identify things in a code prior to it being pushed to where it needs to go."
"The solution is stable."
 

Cons

"The coding configurations can be simplified to save time for IT teams and developers."
"Cost reduction and trial period extension should be considered with some lucrative discount offerings in buying standard versions."
"It was costlier than other solutions."
"It doesn't detect user activity like some of its competitors. It's not a vulnerability, but it's a legitimate activity that it doesn't detect. It only detects vulnerabilities or misconfigurations."
"Deeper and more transparent integration between Cloud Application Security and analysis monitoring tools could be very valuable - although the solution currently offers integrations with third-party security tools."
"The documentation needs to be updated, more improved, and simplified... so that even a beginner can start with this application. It can make things more beginner-friendly."
"Improving the process for handling licensing renewals would be a welcome enhancement."
"There are occasions when it interfaces with other systems, leading to a loss of visibility."
"We previously experienced issues with security but a segregated security violation has been implemented and the issues we experienced are being fixed."
"The time it took for me to do the whole process was approximately two hours because I had to download, read the documentation, and do the configurations."
"SonarQube could improve by adding automatic creation of tasks after scanning and more support for the Czech language."
"It requires advanced heuristics to recognize more complex constructs that could be disregarded as issues."
"After scanning our code and generating a report, it would be helpful if SonarQube could also generate a solution to fix vulnerabilities in the report."
"When we have a thousand products published over it, we expect it to be more efficient in terms of serving requests from the browser."
"There is need for support for the additional languages and ease of use in adding new rules for detecting issues."
"The product's user documentation can be vastly improved."
 

Pricing and Cost Advice

"The tool's licensing costs are yearly and competitive."
"Check Point CloudGuard Application Security's pricing is comparable to other products in the market."
"I find the pricing to be reasonable."
"The pricing is competitive compared to other solutions on the market. So, the licensing cost is average."
"It is reasonable as compared to the other solutions."
"Considering all the benefits we've observed, we find the price to be satisfactory."
"Check Point CloudGuard WAF is expensive compared to Azure WAF."
"The pricing is not that expensive considering what it offers."
"It's a bit expensive for us. The currency rate of the dollar is a problem but it may be fine for other countries."
"SonarQube price is a little bit higher than Kiuwan's. Kiuwan also gives a little bit of flexibility in terms of pricing."
"The development license cost is reasonable, and we've had no concerns about SonarQube when it comes to cost."
"This is open source."
"I use the full trial version of SonarQube."
"We're using an older version because it is the open-source flavor of it and we can continue using it at no cost. We're not paying any licensing at all, which was another factor in choosing this route so that we can learn and grow with it and not be committed to licenses and other similar things. If we choose to get something else, we have to relearn, but we don't have to relicense. Basically, we're paying no license costs."
"The beauty of this solution is the free open-source version is capable enough in doing pretty much what an enterprise-level version can do."
"The tool's pricing is reasonable."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
814,528 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Security Firm
13%
Computer Software Company
9%
Manufacturing Company
7%
Financial Services Firm
17%
Computer Software Company
15%
Manufacturing Company
13%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about CloudGuard for Application Security?
The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspe...
What is your experience regarding pricing and costs for CloudGuard for Application Security?
Pricing is a bit high, but it is justified considering the features and support provided by Check Point.
What needs improvement with CloudGuard for Application Security?
When I was working with the WAF platform, there were limitations, particularly concerning compliance and reporting. Managing multiple tools for different functions like WAF, firewall, CDN solutions...
Is SonarQube the best tool for static analysis?
I am not very familiar with SonarQube and their solutions, so I can not answer. But if you are asking me about which tools that are the best for for Static Code Analysis, I suggest you have a look...
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
How would you decide between Coverity and Sonarqube?
We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...
 

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec
Sonar
 

Learn More

 

Interactive Demo

 

Overview

 

Sample Customers

Orange España, Paschoalotto
Information Not Available
Find out what your peers are saying about Check Point CloudGuard WAF vs. SonarQube Server (formerly SonarQube) and other solutions. Updated: October 2024.
814,528 professionals have used our research since 2012.