What users are saying about
6 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.1 out of 100
19 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.3 out of 100

Likelihood to Recommend

Micro Focus Fortify on Demand

Integrated as part of our CI / CD chain. Scans are done in an automated fashion and defects are reported out and tracked. Easy to use, easy to integrate. Very pleased with the product. It does not perform cross module analysis scanning for vulnerabilities that may cross applications as well as it could, but it's pretty close.
Gene Baker | TrustRadius Reviewer

SonarQube

SonarQube has been well suited for us when new devleopers start working on our projects. With SonarQube checking code smells and our custom coding stardards, new developers write better code with less errors as outlined by our development standards.It is also very handy to have SonarQube built right into our continuous integration process. Doing it this way results in having less worry around whether our coding standards have been followed. They are automatically applied before code is checked in.
Anonymous | TrustRadius Reviewer

Pros

Micro Focus Fortify on Demand

  • SAST
  • DAST
  • Manage Software Security Risk
  • Automation
  • Compliance
  • Integration
Gene Baker | TrustRadius Reviewer

SonarQube

  • Core competency of static analysis. This is why SonarQube exists and it does it exceedingly well.
  • Customized quality settings let you tailor the tool for your specific needs.
  • Support for many languages including C, C++, Python, and more.
Anonymous | TrustRadius Reviewer

Cons

Micro Focus Fortify on Demand

  • Cross module compliance
Gene Baker | TrustRadius Reviewer

SonarQube

  • Have a way to ignore the issues that the team decides not to fix.
Hung Vu | TrustRadius Reviewer

Support Rating

Micro Focus Fortify on Demand

Micro Focus Fortify on Demand 10.0
Based on 1 answer
Always receive excellent support from the vendor. No issues there.
Gene Baker | TrustRadius Reviewer

SonarQube

SonarQube 9.0
Based on 1 answer
We we easily able to integrate the SonarQube steps into our TFS process via the Microsoft Marektplace, we didn't have the need to call SonarQube support. We've used their online documentation and community forum if we ran into any issues.
Anonymous | TrustRadius Reviewer

Alternatives Considered

Micro Focus Fortify on Demand

CAST in my opinion provides a far superior product in that it can parse in an entire suite of applications and do scans across modules. HP Fortify probably has deeper and more current scanning so I think both products complement each other. I would not rely solely on Fortify and would try to have that as part of the mix of products. Overall it's a good product. We use Fortify because the Enterprise has made that a mandatory part of our security suite.
Gene Baker | TrustRadius Reviewer

SonarQube

Gitlab, if you have the right license, ships with a static analysis tool. It integrates better with Gitlab, but didn't seem to have the same quality output that Sonarqube did. Sonarqube's community version is plenty suitable for day to day analysis operations.
Anonymous | TrustRadius Reviewer

Return on Investment

Micro Focus Fortify on Demand

  • Good as part of our security suite to help prevent successful attacks.
  • Reporting of defects helps to educate developers.
  • Worth the price we paid.
Gene Baker | TrustRadius Reviewer

SonarQube

  • It became easy to identify the bugs and issue generation.
  • It is open source thus saving money.
  • Enhances the code quality and standard.
Sanyam Jain | TrustRadius Reviewer

Pricing Details

Micro Focus Fortify on Demand

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

SonarQube

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Add comparison