- Home
- ...
- Software Composition Analysis Tools
- Mend.io
- SonarQube Server (formerly SonarQube)
- Mend.io-vs-SonarQube Server (formerly SonarQube)
Compare Mend.io and SonarQube Server (formerly SonarQube) 
- Free
- Popular & classic languages support
- Integration with DevOps platforms
Really impressed with their service, and the response time when an unknown library needed resolution. Very detailed information for most of the open source dependencies. Dependency version history and their vulnerabilities have been helpful. UI and...
It would be great if an auto dependency resolution/management is provided for any finding.
The tool is really good for Static Code Analysis - detecting bugs, vulnerabilities and code smells. CI/CD pipeline integrations are really usesfull and cruical as part of the SDLC. Another great feature is the custom rules - for the advanced users. Apart...
My experience as a SonarSource customer shows that they manifest little interest in small customers. In addition, their quality policy is poor when it comes to fixing major bugs in their code. For instance, this ticket has now been open for 1 year without...
Really impressed with their service, and the response time when an unknown library needed resolution. Very detailed information for most of the open source dependencies. Dependency version history and their vulnerabilities have been helpful. UI and...
The tool is really good for Static Code Analysis - detecting bugs, vulnerabilities and code smells. CI/CD pipeline integrations are really usesfull and cruical as part of the SDLC. Another great feature is the custom rules - for the advanced users. Apart...
It would be great if an auto dependency resolution/management is provided for any finding.
My experience as a SonarSource customer shows that they manifest little interest in small customers. In addition, their quality policy is poor when it comes to fixing major bugs in their code. For instance, this ticket has now been open for 1 year without...
