SonarQube Logo
SonarQube Logo
SonarSource SA

SonarQube

Composite Score
8.6 /10
CX Score
8.9 /10
29 Reviews Write a Review
Claim Software
Category
Download Scorecard
SonarQube
8.6 /10

What is SonarQube?

SonarQube is the leading tool for continuously inspecting the Code Quality & Security of your codebases and guiding development teams during Code Reviews. Covering 27 programming languages, while pairing-up with your existing software pipeline, SonarQube provides clear remediation guidance for developers to understand and fix issues and ultimately deliver better and safer software. With over 170k deployments helping small development teams as well as global organizations, SonarQube provides the means for all teams and companies around the world to own and impact their Code Quality.

Company Details

Need Assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Get Assistance

Awards & Recognition

SonarQube won the following awards in the Application Security Testing category

SonarQube Ratings

Real user data aggregated to summarize the product performance and customer experience.
Download the entire Product Scorecard to access more information on SonarQube.

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

92 Likeliness to Recommend

100 Plan to Renew

84 Satisfaction of Cost Relative to Value

{y}
{name}

Emotional Footprint Overview

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

+94 Net Emotional Footprint

The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.

How much do users love SonarQube?

0% Negative
0% Neutral
100% Positive

Pros

  • Performance Enhancing
  • Respectful
  • Altruistic
  • Transparent

Feature Ratings

Average 84

SDLC Integration

89

Vulnerability Scanning

85

Policy Engine and Enforcements

85

Static Application Security Testing (SAST)

83

Integrated Development Environment (IDE) plug-in

82

Dynamic Application Security Testing (DAST)

82

Mobile Application Security Testing

81

Risk Scoring

81

False Positive Remediation

80

Software Composition Analysis (SCA)

79

Container Security Testing

79

Vendor Capability Ratings

Average 83

Ease of Data Integration

90

Business Value Created

89

Breadth of Features

85

Ease of Implementation

85

Ease of IT Administration

85

Product Strategy and Rate of Improvement

81

Usability and Intuitiveness

81

Quality of Features

81

Availability and Quality of Training

80

Vendor Support

80

Ease of Customization

80

SonarQube Reviews

Tammy B.

  • Role: Information Technology
  • Industry: Technology
  • Involvement: End User of Application
Validated Review
Verified Reviewer

Submitted Dec 2025

‎A reliable guardian for code quality

Likeliness to Recommend

10 /10

What differentiates SonarQube from other similar products?

‎SonarQube makes security a shared responsibility instead of an afterthought. It reduces firefighting by preventing issues early. SonarQube stands out from other application security testing tools because it goes beyond basic vulnerability scanning and focuses deeply on overall code quality, maintainability, and long-term health.

What is your favorite aspect of this product?

‎It catches hidden bugs early, which saves time and reduces stressful last-minute fixes. The security vulnerability detection gives me confidence that our applications meet modern safety expectations. I appreciate how clearly SonarQube explains each issue and suggests practical, actionable fixes. The clean code principles encouraged by SonarQube genuinely improved how I write and review code.

What do you dislike most about this product?

‎Nothing negative has been seen yet. The platform encourages better developer habits without feeling overly restrictive. I find SonarQube especially valuable for onboarding new developers to our code standards. So I like everything about it.

What recommendations would you give to someone considering this product?

Using SonarQube will significantly reduce the number of security issues found during audits. I recommend spending time customizing quality profiles and rules to match your team’s real coding standards.

Pros

  • Helps Innovate
  • Continually Improving Product
  • Reliable
  • Performance Enhancing

Amrutha Deepika T.

  • Role: Information Technology
  • Industry: Banking
  • Involvement: Business Leader or Manager
Validated Review
Verified Reviewer

Submitted Jan 2025

Fantastic product!

Likeliness to Recommend

10 /10

What differentiates SonarQube from other similar products?

Easy to use, but a bit pricey

What is your favorite aspect of this product?

very flexible top all engineers who integrate in their projects, effective !!

What do you dislike most about this product?

analytics or report should be integrated into the IntelliJ or Visual studio direcftly for users to show results

What recommendations would you give to someone considering this product?

ease of use !!

Pros

  • Helps Innovate
  • Continually Improving Product
  • Performance Enhancing
  • Enables Productivity

Govind S.

  • Role: Consultant
  • Industry: Telecommunications
  • Involvement: IT Development, Integration, and Administration
Validated Review
Verified Reviewer

Submitted Apr 2024

SonarQube: Streamlining Code Quality

Likeliness to Recommend

9 /10

What differentiates SonarQube from other similar products?

1. Comprehensive Code Analysis: SonarQube offers a comprehensive set of code analysis tools that cover a wide range of programming languages and frameworks. 2. Scalability: SonarQube is highly scalable, capable of analyzing codebases of any size, from small projects to large enterprise applications. 3. Customizable Quality Profiles: SonarQube allows users to create custom quality profiles tailored to their specific project requirements. 4. ntegration Ecosystem: SonarQube integrates seamlessly with various development tools and CI/CD pipelines, including Jenkins, GitLab CI, and Azure DevOps.

What is your favorite aspect of this product?

One of the standout features of SonarQube that I find particularly impressive is its comprehensive code analysis capabilities. SonarQube offers an extensive array of static code analysis tools that provide deep insights into code quality, security vulnerabilities, and potential bugs. This level of analysis empowers development teams to proactively identify and address issues early in the development lifecycle, leading to higher-quality code and more robust software applications.

What do you dislike most about this product?

One aspect that some users may find challenging with SonarQube is its initial setup and configuration complexity. Setting up SonarQube to integrate seamlessly with existing development workflows, configuring quality profiles, defining rulesets, and establishing appropriate quality gates can require a significant investment of time and effort.

What recommendations would you give to someone considering this product?

1. Understand Your Requirements: Clearly define your organization's code quality and security requirements, as well as the specific challenges you aim to address with SonarQube. 2. Customize for Your Environment: Take advantage of SonarQube's customization options to tailor the platform to your organization's specific needs and coding standards. 3, Integrate with CI/CD Pipelines: Integrate SonarQube seamlessly into your continuous integration and continuous deployment (CI/CD) pipelines to automate code analysis and quality checks as part of your development workflow.

Pros

  • Altruistic
  • Helps Innovate
  • Continually Improving Product
  • Performance Enhancing

Most Popular SonarQube Comparisons