Try our new research platform with insights from 80,000+ expert users

Contrast Security Protect vs SonarQube Server (formerly SonarQube) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 30, 2024
 

Categories and Ranking

Contrast Security Protect
Ranking in Application Security Tools
33rd
Average Rating
8.4
Number of Reviews
3
Ranking in other categories
No ranking in other categories
SonarQube Server (formerly ...
Ranking in Application Security Tools
1st
Average Rating
8.0
Number of Reviews
113
Ranking in other categories
Static Application Security Testing (SAST) (1st), Software Development Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of Contrast Security Protect is 0.5%, up from 0.4% compared to the previous year. The mindshare of SonarQube Server (formerly SonarQube) is 26.7%, down from 27.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Akshay Waghmare - PeerSpot reviewer
Nov 9, 2023
A stable DevSecOps product that gives fewer false positives
We use the product for DevSecOps.  The product gives a few false positives. We get 99 percent true positives.  Contrast Security Protect needs to improve integration.  I have been using the product for a year.  Contrast Security Protect is stable.  The solution is scalable. My company has ten…
Wang Dayong - PeerSpot reviewer
May 10, 2023
Easy to integrate and has a plug-in that supports both C and C++ languages
We use the product to review our software codes. We have integrated the product to review our new delivery code When we deliver a code, the solution scans the code and reports whether the code has bugs or any other vulnerability issues. Thus the solution helps us identify issues and improve the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution has excellent real-time capabilities."
"The product gives a few false positives. We get 99 percent true positives."
"Protect provides us with more in-depth visibility into ongoing attacks."
"It easily ties into our continuous integration pipeline."
"It is working fine. It provides a good value for money."
"The most valuable function is its usability."
"It is a very good tool for analysis and security vulnerability checking."
"SonarQube's unit test coverage and exhaustive information at the module, project, and overall code repo levels are quite good."
"SonarQube is scalable. My company has 50 users."
"Using SonarQube benefits us because we are able to avoid the inclusion of malware in our applications."
"We are using the Community edition. So, we don't have to incur any licensing costs. This is the best part."
 

Cons

"There's room for improvement in the initial setup."
"Contrast Security Protect needs to improve integration."
"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
"The time it took for me to do the whole process was approximately two hours because I had to download, read the documentation, and do the configurations."
"It requires advanced heuristics to recognize more complex constructs that could be disregarded as issues."
"The implementation of the solution is straightforward. However, we did have some initial initialization issues at the of the projects. I don't think it was SonarQube's fault. It was the way it was implemented in our organization because it's mainly integrated with many software, such as Jira, Confluence, and Butler."
"This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced."
"The software testing tool capability could improve. It does not always integrate well. You have to use a specific plugin and the plugin does not always go in Apple's applications."
"I don't believe you can have metrics of code quality based upon code analysis. I don't think it's possible for a computer to do it."
"The exporting capabilities could be improved. Currently, exporting is fully dependent on the SonarQube environment."
"We called support and complained but have not received any information as we use the free version. We had to fix it on our own and could not escalate it to the tool's developer."
 

Pricing and Cost Advice

Information not available
"The beauty of this solution is the free open-source version is capable enough in doing pretty much what an enterprise-level version can do."
"We are using the free, unlicensed version."
"The solution has a free version and a license version. The license is priced reasonably, the cost of hiring one programmer is more expensive than the solution."
"SonarQube price is a little bit higher than Kiuwan's. Kiuwan also gives a little bit of flexibility in terms of pricing."
"People can try the free licenses and later can seek buying plugins/support, etc. once they started liking it."
"We have a license with 125,000 lines of code. We did not purchase a lot of lines but it is specific to our code environment."
"The solution is cheaper than other products."
"We use the free version; there are no hidden costs or licensing required."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
814,528 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
25%
Computer Software Company
19%
Manufacturing Company
12%
Insurance Company
8%
Financial Services Firm
17%
Computer Software Company
15%
Manufacturing Company
13%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Contrast Security Protect?
The product gives a few false positives. We get 99 percent true positives.
What needs improvement with Contrast Security Protect?
Contrast Security Protect needs to improve integration.
Is SonarQube the best tool for static analysis?
I am not very familiar with SonarQube and their solutions, so I can not answer. But if you are asking me about which tools that are the best for for Static Code Analysis, I suggest you have a look...
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
How would you decide between Coverity and Sonarqube?
We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...
 

Also Known As

Contrast Protect
Sonar
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Williams-Sonoma, Autodesk, HUAWEI, Chromeriver, RingCentral, Demandware.
Information Not Available
Find out what your peers are saying about Contrast Security Protect vs. SonarQube Server (formerly SonarQube) and other solutions. Updated: October 2024.
814,528 professionals have used our research since 2012.