Try our new research platform with insights from 80,000+ expert users

ReversingLabs vs SonarQube Server (formerly SonarQube) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 30, 2024
 

Categories and Ranking

ReversingLabs
Ranking in Application Security Tools
29th
Average Rating
9.2
Number of Reviews
4
Ranking in other categories
Anti-Malware Tools (20th), Container Security (26th), Software Composition Analysis (SCA) (12th), Threat Intelligence Platforms (11th), Software Supply Chain Security (11th)
SonarQube Server (formerly ...
Ranking in Application Security Tools
1st
Average Rating
8.0
Number of Reviews
113
Ranking in other categories
Static Application Security Testing (SAST) (1st), Software Development Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of ReversingLabs is 0.2%, up from 0.1% compared to the previous year. The mindshare of SonarQube Server (formerly SonarQube) is 26.7%, down from 27.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Jesse Harris - PeerSpot reviewer
Sep 19, 2023
Comes with a large sample size and helps t stay on top of emerging threats
The solution helps to stay on top of emerging threats with easy integration with other products.  ReversingLabs has a large sample size.  The solution needs to improve integrations.  I have been using the solution for four to five years.  ReversingLabs' stability is excellent.  I rate the…
Wang Dayong - PeerSpot reviewer
May 10, 2023
Easy to integrate and has a plug-in that supports both C and C++ languages
We use the product to review our software codes. We have integrated the product to review our new delivery code When we deliver a code, the solution scans the code and reports whether the code has bugs or any other vulnerability issues. Thus the solution helps us identify issues and improve the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"ReversingLabs has a large sample size."
"It offers reports on a great many more file types than the other analysis solutions we have. It can give us a more in-depth analysis and better reporting on a larger number of file types. It also gives us a more comprehensive score on a number of things as well, and that's why we're using it as a front-end filter. It gives us more information... It's valuable because of its depth of information, as well as the breadth it gives us. There aren't a lot of tools that cover all of the different file types."
"As far as the malware repository is concerned, it's extensive. It's a good source for finding samples, where we are unable to find them on other channels or by leveraging other sources."
"As far as static analysis information is concerned, we use most of the information that is available in order to determine whether or not we might be dealing with a malware variant. This includes information that is related to Java rules. This is also related to malware families indicated or specific malicious software variants that are labeled by name."
"The automated static analysis of malware is the most valuable feature. Its detection abilities are very good. It hits all of the different platforms out there, platforms that see the items in the wild."
"Issue Explanations: Documentation with detailed samples. Helps in growing technical knowledge and re-writing logic to conforming solutions."
"This solution has the capability to analyze source code in almost all the languages in the market."
"It assists during the development with SonarLint and helps the developer to change his approach or rather improve his coding pattern or style. That's one advantage I've seen. Another advantage is that we can customize the rules."
"I like that it helps us maintain our work quality and code security."
"When comparing other static code analysis tools, SonarQube has fewer false-positive issues being reported. They have a lot of support for different tech stacks. It covers the entire developer community which includes Salesforce or it could be the regular Java.net project. It has actually sufficed all the needs in one tool for static code analysis."
"Provides local scanning for developers."
"I like that it covers most programming languages for source code review."
"This has improved our organization because it has helped to find Security Vulnerabilities."
 

Cons

"We would really like further integration with our threat intelligence platform, which is called ThreatConnect. We would also really like further integrations with an endpoint protection product we use called Tanium. The reason I mentioned both of these is that ReversingLabs claims to have extensive integrations with both of them, but they did not work for us."
"While the company is very helpful, it would be very much appreciated to have extensive proof of concept scripts for the different APIs available, though not for all the APIs that we have purchased. Respective scripts are available, but those scripts which are available are typically not of very high quality."
"I would like to see if we could do a little bit more of bulk uploading of hash sets. Right now, I can only do them individually."
"The product support could be better at times. Sometimes, the resources that they provide could be of higher quality."
"The solution needs to improve integrations."
"The product must improve security analysis."
"The reporting is good, but I am not able to download a specific report as a PDF, so downloading reports is something that should be looked at."
"When we have a thousand products published over it, we expect it to be more efficient in terms of serving requests from the browser."
"SonarQube could improve by adding automatic creation of tasks after scanning and more support for the Czech language."
"I find it is light on the security side."
"In terms of what can be improved, the areas that need more attention in the solution are its architecture and development."
"If the product could assist us with fixing issues by giving us more pointers then it would help to resolve more of the warnings without such a commitment in terms of time."
"Technical support and the price could be better."
 

Pricing and Cost Advice

"We have a yearly contract based on the number of queries and malicious programs which can be processed."
"Currently, the license number of lookups that we purchased has not been reached yet, because the integration has only recently been completed. However, our usage is expected and planned to increase over the next couple of months."
"We have a license with 125,000 lines of code. We did not purchase a lot of lines but it is specific to our code environment."
"On the pricing side, it's 3,000 Euros for 1 million lines of code."
"It's an open-source product."
"I use the full trial version of SonarQube."
"We use the solution free of cost."
"The price of the solution could be reduced."
"We did not purchase a license (required for C++ support), but this option was considered."
"SonarQube enterprise, I am not sure of the price but from what I understand they are charging a fee. It's is not clear if it is an annual fee or a one-off."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
814,528 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
16%
Insurance Company
8%
Educational Organization
6%
Financial Services Firm
17%
Computer Software Company
15%
Manufacturing Company
13%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Is SonarQube the best tool for static analysis?
I am not very familiar with SonarQube and their solutions, so I can not answer. But if you are asking me about which tools that are the best for for Static Code Analysis, I suggest you have a look...
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
How would you decide between Coverity and Sonarqube?
We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...
 

Also Known As

ReversingLabs Titanium, ReversingLabs secure.software
Sonar
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Financial services, healthcare, government, manufacturing, oil & gas, telecommunications, information technology
Information Not Available
Find out what your peers are saying about ReversingLabs vs. SonarQube Server (formerly SonarQube) and other solutions. Updated: October 2024.
814,528 professionals have used our research since 2012.