Easy to use DecSecOps application
January 20, 2023

Easy to use DecSecOps application

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with SonarQube

SonarQube is a freeware used for checking security vulnerabilities, inspection of automatic code quality checks and for CI/CD automation. In our organization we used this application as an integrated service plugin with Microsoft Azure's DevOps for CI/CD automation. It is very helpful application for inspection of applications developed using a variety of programming languages.

Pros

  • Automatic code analysis
  • Checking Security vulnerabilities
  • Easy integration with devops applications

Cons

  • Need more examples for different programming language codes
  • Better documentation
  • Integration with Azure
  • Code quality checking
  • Free to use application thus saving money compared to paid applications to do similar job
  • Easy to use
  • Helps in regular devops process

Do you think SonarQube Server delivers good value for the price?

Yes

Are you happy with SonarQube Server's feature set?

Yes

Did SonarQube Server live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of SonarQube Server go as expected?

Yes

Would you buy SonarQube Server again?

Yes

Well suited:
- Easy to Integrate with different DevOps platforms for CI/CD automation
- To detect application security vulnerabilities
- For automation static code checks / analysis in order to detect bugs
- Can be used for variety of programming language applications
Improvement areas:
- Better documentation
- More programming language specific examples

Comments

More Reviews of SonarQube Server

  1. Home
  2. Static Application Security Testing (SAST) Tools
  3. SonarQube Server Reviews
  4. User Review of SonarQube Server