CodeSonar vs Klocwork comparison

CodeSecure and Perforce are both solutions in the Application Security Tools category. CodeSecure is ranked #28, while Perforce is ranked #17 with an average rating of 8.2. CodeSecure holds a 1.2% mindshare in AS, compared to Perforce’s 1.4% mindshare. Additionally, 87% of CodeSecure users are willing to recommend the solution, compared to 93% of Perforce users who would recommend it.

CodeSonar

Read 7 CodeSonar reviews

2,608 Views
1,800 Comparison Views

87% willing to recommend

Klocwork

Read 25 Klocwork reviews

3,478 Views
1,913 Comparison Views

93% willing to recommend

CodeSonar

Klocwork

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Klocwork and CodeSonar are leading tools in static code analysis. Based on user reviews, CodeSonar is preferred for its extensive features and justified pricing, even though Klocwork is favored for its competitive pricing and support.

Features: Klocwork supports multiple programming languages, integrates easily with existing systems, and is recognized for comprehensive language support. CodeSonar provides thorough analysis, has high accuracy in detecting potential vulnerabilities, and offers superior detection abilities.

Room for Improvement: Klocwork could improve in processing speed, reduce false positives, and enhance performance. CodeSonar needs a more intuitive configuration process, improved documentation, and simplified user interaction.

Ease of Deployment and Customer Service: Klocwork has an easy deployment process, but users desire more proactive customer service. CodeSonar's complex deployment is balanced by responsive support, providing effective guidance.

Pricing and ROI: Klocwork provides competitive setup costs and reasonable ROI based on integration needs. CodeSonar's higher cost is balanced by a comprehensive feature set and detailed analysis, making it a justified investment for thorough code evaluation.

To learn more, read our detailed CodeSonar vs. Klocwork Report (Updated: December 2025).

Buyer's Guide

CodeSonar vs. Klocwork

December 2025

Download the complete report

Helped 879,899 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CodeSonar

Ranking in Application Security Tools

28th

Ranking in Static Code Analysis

11th

Average Rating

8.2

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

No ranking in other categories

Klocwork

Ranking in Application Security Tools

17th

Ranking in Static Code Analysis

3rd

Average Rating

8.0

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Static Application Security Testing (SAST) (14th)

Mindshare comparison

As of January 2026, in the Application Security Tools category, the mindshare of CodeSonar is 1.2%, up from 1.2% compared to the previous year. The mindshare of Klocwork is 1.4%, down from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools Market Share Distribution
Product	Market Share (%)
Klocwork	1.4%
CodeSonar	1.2%
Other	97.4%

Application Security Tools

Featured Reviews

Mathieu ALBRESPY

Intigration Developer at ez-Wheel

Nice interface, quick to deploy, and easy to expand

This is the first time I've used this kind of software. It was the only one we could apply to analyze with MISRA rules. At my new company, I tried to use Klocwork. I tried to use it, just once so I cannot compare it exactly with CodeSonar. I also have a plugin for my Visual Studio and I try to make it work. It's not easy, however, I don't think that we have this kind of functionality with CodeSonar. It can do some incremental analysis. However, since this feature is also available on CodeSonar, it would be a good idea to have a plugin on Visual Studio just to have a quick analysis.

Read full review

Krishna M Gopalakrishnan

Manager, Quality, Functional Safety, Cybersecurity Embedded Processing at a manufacturing company with 10,001+ employees

Experience with compliance improvements and efficiency boosts but static analysis engine shows a need for enhancement

One area for improvement is that when customers use different static analysis tools, they report more issues compared to Klocwork. The static analysis engine of Klocwork has areas that need improvement. Customers using different static analysis tools report more issues than with Klocwork, indicating that Klocwork's engine is not as superior. Klocwork should be able to analyze large codebases efficiently, supporting a desktop version for periodic small delta changes before pushing to the server.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"What I like best about CodeSonar is that it has fantastic speed, analysis and configuration times. Its detection of all runtime errors is also very good, though there were times it missed a few. The configuration of logs by CodeSonar is also very fantastic which I've not seen anywhere else. I also like the GUI interface of CodeSonar because it's very user friendly and the tool also shows very precise logs and results."

"It has been able to scale."

"CodeSonar’s most valuable feature is finding security threats."

"There is nice functionality for code surfing and browsing."

"The most valuable feature of CodeSonar is the catching of dead code. It is helpful."

"The tool is very good for detecting memory leaks."

"The most valuable features of CodeSonar were all the categorized classes provided, and reports of future bugs which might occur in the production code. Additionally, I found the buffer overflow and underflow useful."

"The reporting helps us understand the trend of our results and whether we improve over time. We can see the history within Klocwork's server architecture and know that we're making things better. It creates a great story for our management. We can demonstrate value and how our software is developing over time."

"The ability to create custom checkers is a plus."

"Overall I find Klocwork's features superior for our needs."

"The tool helps the team to think beforehand about corner cases or potential bugs that might arise in real-time."

"The best advantage of Klocwork is the reduced setup time."

"Klocwork is user-friendly, with a client-server architecture that provides all needed compliance."

"One can increase the number of vendors, so the solution is scalable."

"The best advantage of Klocwork is the reduced setup time."

More Klocwork pros

Cons

"CodeSonar could improve by having better coding rules so we did not have to use another solution, such as MISRA C."

"It would be beneficial for the solution to include code standards and additional functionality for security."

"In terms of areas for improvement, the use case for CodeSonar was good, but compared to other tools, it seems CodeSonar isn't a sound static analysis tool, and this is a major con I've seen from it. Right now, in the market, people prefer sound static analysis tools, so I would have preferred if CodeSonar was developed into a sound static analysis tool formally, in terms of its algorithms, so then you can see it extensively used in the market because at the moment, here in India, only fifty to sixty customers use CodeSonar. If the product is developed into a sound static analysis tool, it could compete with Polyspace, and from its current fifty customers, that number could go up to a hundred."

"In a future release, the solution should upgrade itself to the current trends and differentiate between the languages. If there are any classifications that can be set for these programming languages that would be helpful rather than having everything in the generic category."

"There could be a shared licensing model for the users."

"The scanning tool for core architecture could be improved."

"It was expensive."

"Now the only issue we have is that whenever we need to get the code we have to build it first. Then we can get the report."

"Modern languages, such as Angular and .NET, should be included as a part of Klocwork. They have recently added Kotlin as a part of their project, but we would like to see more languages in Klocwork. That's the reason we are using Coverity as a backup for some of the other languages."

"We bought Klocwork, but it was limited to one little program, but the program is now sort of failing. So, we have a license for usage on a program that is sort of failing, and we really can't use the license on anything else."

"Even though it does the job, there's room for feature enhancements, such as integrations with Git for better tracking and notifications."

"Every update that we receive requires of us a lengthy and involved process."

"Klocwork does have a problem with true positives. It only found 30% of true positives in the Juliet test case."

"Customers using different static analysis tools report more issues than with Klocwork, indicating that Klocwork's engine is not as superior."

"There are too many warnings, and it requires expertise to determine the correct category for them."

More Klocwork cons

Pricing and Cost Advice

"The application’s pricing is high compared to other tools."

"Our organization purchased a license to use the solution."

"Pricing is a bit costly."

"The solution's price depends on the number of licenses needed and the source code for the project."

"This solution offers competitive pricing."

"Klocwork is still tight on their licensing. If Klocwork would loosen up on the licensing, and where the license could be used, and how many different programs could be run on it, then we have several development programs that I would love to be able to use it for going forward."

"There are other solutions on the market such as Microsoft Visual Studio. They have been adding more static code analysis features that come for free. It is getting better all the time. That is one of the possibilities is that we've been considering that we may stop using the Klocwork because it doesn't give us any added value."

"Klocwork should not to be quite so heavy handed on the licensing for very specific programs."

"Licensing fees are paid annually, but they also have a perpetual license."

"When it comes to licensing, the solution has two packages, one for a fixed and the other for a floating server, with the former being more cost effective than the latter."

"The pricing for Klocwork is very competitive if you compare it from apple to apple. It has competitive pricing regarding the licensing model and the per-license cost. Klocwork isn't a high-end investment for anyone deploying it; even SMBs can afford it. The Klocwork cost per user would depend on the license type, so I'm unable to mention a ballpark figure because it would depend on the type of installation and how the deployment will be, and the nodes to give an accurate calculation or figure. The total price depends on the package, so my company could never publish pricing for Klocwork on the website. My team first collects information from potential clients on the deployment scenario, project environment, etc., before suggesting a package for Klocwork. My rating for Klocwork in terms of pricing is a five because of its flexible license models. There's a license model for every type of organization, whether small, midsize, or enterprise, so it's a five out of five for me."

"The limitation that we have is that Klocwork is licensed to certain programs, and if you want to license them to other programs, you have to pay more money."

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

879,899 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

25%

University

12%

Computer Software Company

Financial Services Firm

Manufacturing Company

24%

Computer Software Company

10%

Transportation Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	1
Large Enterprise	2

By reviewers
Company Size	Count
Small Business	12
Midsize Enterprise	2
Large Enterprise	12

Questions from the Community

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for Klocwork?

Klocwork's pricing seems attractive, as it uses a per-user license model that does not have a lot of overhead.

See all answers

What needs improvement with Klocwork?

See all answers

What is your primary use case for Klocwork?

I work on tools such as Klocwork, LDRA, as well as Jira and Confluence, focusing more on the software quality assurance aspect. We use Klocwork for coding and aggregate checks. We use it for static...

See all answers

Comparisons

SonarQube vs CodeSonar

Compared 33% of the time

Coverity Static vs CodeSonar

Compared 22% of the time

Polyspace Code Prover vs CodeSonar

Compared 7% of the time

Helix QAC vs CodeSonar

Compared 4% of the time

Axivion Static Code Analysis vs CodeSonar

Compared 3% of the time

More CodeSonar Competitors

Coverity Static vs Klocwork

Compared 24% of the time

SonarQube vs Klocwork

Compared 22% of the time

Polyspace Code Prover vs Klocwork

Compared 10% of the time

Helix QAC vs Klocwork

Compared 8% of the time

Parasoft SOAtest vs Klocwork

Compared 2% of the time

More Klocwork Competitors

Product Reports

Buyer's Guide

Application Security Tools

January 2026

Download CodeSonar product report

Buyer's Guide

Klocwork

January 2026

Download Klocwork product report

Overview

GrammaTech enables organizations to develop software applications more efficiently, on-budget, and on-schedule by helping to eliminate harmful defects that can cause system failures, enable data breaches, and ultimately increase corporate liabilities in today’s connected world. GrammaTech is the developer of CodeSonar, the most powerful source and binary code analysis solution available today. Extraordinarily precise, CodeSonar finds, on average, 2 times more serious defects in software than other static analysis solutions. Designed for organizations with zero tolerance for defects and vulnerabilities in their applications, CodeSonar provides static analysis for applications where reliability and security are paramount - widely used by software developers in avionics, medical, automotive, industrial control, and other mission-critical applications. Some of GrammaTech's customers include Toyota, GE, Hyundai, Kawasaki, LG, Lockheed Martin, NASA, Northrop Grumman, Panasonic, and Samsung.

CodeSecure

Klocwork detects security, safety, and reliability issues in real-time by using this static code analysis toolkit that works alongside developers, finding issues as early as possible, and integrates with teams, supporting continuous integration and actionable reporting.

Perforce

Sample Customers

Viveris, Micrel Medical Devices, Olympus, SOFTEQ, SONY

ACCESS Co Ltd, Risk-AI, Winbond Electronics, Bristol-Myers Squibb Pharmaceutical Research Institute, University of Southern California, Alebra Technologies, SIMULIA, Risk Management Solutions, Brigham Young University, SRD, HRL

Buyer's Guide

CodeSonar vs. Klocwork

December 2025

Free Report: CodeSonar vs. Klocwork

Find out what your peers are saying about CodeSonar vs. Klocwork and other solutions. Updated: December 2025.

DOWNLOAD NOW

879,899 professionals have used our research since 2012.

See our CodeSonar vs. Klocwork report.

See our list of best Application Security Tools vendors and best Static Code Analysis vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.