Try our new research platform with insights from 80,000+ expert users

Kiuwan vs SonarQube Cloud (formerly SonarCloud) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Kiuwan
Ranking in Static Application Security Testing (SAST)
24th
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
23
Ranking in other categories
Application Security Tools (28th)
SonarQube Cloud (formerly S...
Ranking in Static Application Security Testing (SAST)
8th
Average Rating
8.2
Reviews Sentiment
6.6
Number of Reviews
13
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Static Application Security Testing (SAST) category, the mindshare of Kiuwan is 1.0%, up from 0.9% compared to the previous year. The mindshare of SonarQube Cloud (formerly SonarCloud) is 6.6%, down from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
 

Featured Reviews

Mustufa Bhavnagarwala - PeerSpot reviewer
Though a stable tool, the UI needs improvement
Kiuwan can improve its UI a little more. The user experience can be made better. Kiuwan offers a user interface that is similar to the one offered by Windows 7 or Windows 98, which I saw when I ran the tool and tried to scan the repository to find the security issues. The product's UI has certain shortcomings, where improvements are required.
Archana Verma - PeerSpot reviewer
Provides valuable insights on code vulnerabilities and integrates seamlessly with CI/CD pipelines
I find SonarQube Cloud to be very user-friendly with an easy-to-use interface. It provides detailed code smell reports and insights on hotspots, which can later represent security vulnerabilities. It gives precise reports compared to Coverity and has a slightly lower number of false positives. It is integrated easily with the CI/CD pipeline, saving time and cost. It provides information on upcoming vulnerability details and loopholes that might turn into vulnerabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution has a continuous integration process."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"It provides value by offering options to enhance both code quality and the security of the company."
"I find SonarQube Cloud very easy to use and simple to integrate initially."
"The most valuable feature of SonarCloud is its overall performance."
"I find SonarQube Cloud to be very user-friendly with an easy-to-use interface."
"The reports from SonarCloud are very good."
"I'm not implementing the solutions. However, I've talked to the people who deploy the tools, and they are happy with how easy setting up SonarCloud is."
"The solution provides continuous code analysis which has improved the quality of our code. It can raise alarms on vulnerabilities with immediate reports on the dashboard. Few things are false positives and we can customize the rules."
"SonarCloud is overall a good tool for identifying code smells, bugs, and code duplication, but we've found that using Android Lint is more effective for our needs."
"I find SonarQube Cloud very easy to use and simple to integrate initially."
 

Cons

"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"Perhaps more languages supported."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"DIfferent languages, such Spanish, Portuguese, and so on."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"The QA developer and security could be improved."
"The next release should include more flexibility in the reporting."
"The development-to-delivery phase."
"SonarQube Cloud could improve its vulnerability detection compared to Veracode. Additionally, it has fewer capabilities, which prompted us to use Veracode."
"We had some issues with the scanner."
"Reporting features are missing in SonarCloud."
"CI/CD pipeline is part of a whole chain of design, development, and production, and it's becoming increasingly crucial to optimize the various tools across different stages. However, it's still a silo approach because the full integration is missing. This isn't just an issue with SonarCloud. It's a general problem with tooling."
"The UI can be improved."
"The solution needs to improve its customization and flexibility."
"SonarCloud's UI needs enhancement."
"SonarQube Cloud could improve its vulnerability detection compared to Veracode."
 

Pricing and Cost Advice

"The price of Kiuwan is lower than that of other tools on the market."
"Nothing special. It's a very fair model."
"This solution is cheaper than other tools."
"It follows a subscription model. I think the price is somewhere in the middle."
"I recommend contacting a sales person who will create the best plan payment plan for you, as we did."
"Check with your account manager."
"Kiuwan is an open-source solution and free to use."
"Previously, the pricing was 17,000 euros for five million lines analyzed. However, they now charge $15,000 per one million lines, significantly increasing the cost."
"The price of SonarCloud could be less expensive. We are using the community version and the price should be more reasonable."
"I am using the free version of the solution."
"While not extremely cheap, it aligns well with market standards and offers good value."
"The current pricing is quite cheap."
"The price of SonarCloud is not expensive, it goes by the lines of code. 1 million lines per code are approximately 4,000 USD per year. If you need 2 million lines of code you would double the annual cost."
"I rate the pricing a five out of ten."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Insurance Company
7%
Comms Service Provider
7%
Computer Software Company
18%
Financial Services Firm
10%
Manufacturing Company
10%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Kiuwan?
The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report.
What is your experience regarding pricing and costs for Kiuwan?
I'm not entirely sure about the price and business aspects, but I assume Checkmarx might be less expensive. I think Checkmarx might offer more affordable options, especially in its smaller business...
What needs improvement with Kiuwan?
Kiuwan can improve its UI a little more. The user experience can be made better. Kiuwan offers a user interface that is similar to the one offered by Windows 7 or Windows 98, which I saw when I ran...
What do you like most about SonarCloud?
Recently, they introduced support for mono reports and microservices, which is a noteworthy development as it provides a more detailed view of each service.
What is your experience regarding pricing and costs for SonarCloud?
From what I understand, SonarQube Cloud is roughly equivalent in cost to Veracode, maybe a little cheaper.
What needs improvement with SonarCloud?
SonarQube Cloud could improve its vulnerability detection compared to Veracode. Additionally, it has fewer capabilities, which prompted us to use Veracode.
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

DHL, BNP Paribas, Zurich, AXA, Ernst & Young, KFC, Santander, Latam, Ferrovial
Information Not Available
Find out what your peers are saying about Kiuwan vs. SonarQube Cloud (formerly SonarCloud) and other solutions. Updated: March 2025.
845,406 professionals have used our research since 2012.