# JFrog vs SonarQube Comparison --- ## AI Generated Summary - **G2 reviewers report** that SonarQube excels in user satisfaction, receiving a higher overall rating compared to JFrog. Users appreciate its **simple deployment** process, particularly highlighting the ease of installation on Kubernetes using YAML formats, which enhances the developer experience. - **According to verified reviews** , SonarQube's integration with GitHub is seamless, allowing developers to conduct scans effortlessly. This feature is praised for enabling quick feedback on code quality and potential errors, making it a valuable tool for maintaining secure coding practices. - **Users say** that JFrog is particularly effective for larger teams and high build volumes, making it suitable for organizations of all sizes. Reviewers mention its ability to scale efficiently, which is crucial for managing multiple projects simultaneously. - **Reviewers mention** that while JFrog is easy to implement and use, it does not match the overall satisfaction levels of SonarQube. Some users feel that JFrog's support and community engagement could be improved, especially when compared to the more active user base of SonarQube. - **G2 reviewers highlight** that SonarQube provides actionable code suggestions, helping developers write better and more secure code. This focus on code quality is a significant advantage for teams looking to enhance their software development practices. - **Users report** that JFrog offers a robust solution for ML model building and deployment, with a central model repository for storing artifacts. However, the overall user experience and satisfaction ratings suggest that SonarQube may be a more reliable choice for teams prioritizing code quality and security. | | JFrog | SonarQube | |---|---|---| | **Star Rating** | 4.2 out of 5 | 4.4 out of 5 | | **Total Reviews** | 122 | 141 | | **Largest Market Segment** | Enterprise (46.2% of reviews) | Enterprise (42.0% of reviews) | | **Entry Level Price** | Starting at $150.00 Per Month | Free | --- ## Top Pros & Cons ### JFrog Pros: - Features (18 reviews) - Repository Management (14 reviews) Cons: - Complexity (9 reviews) - Expensive (8 reviews) ### SonarQube Pros: - Code Quality (24 reviews) - Features (20 reviews) Cons: - Software Bugs (12 reviews) - Complex Configuration (10 reviews) --- ## Ratings Comparison | Rating | JFrog | SonarQube | |---|---|---| | **Meets Requirements** | 8.6 (83 reviews) | 8.8 (119 reviews) | | **Ease of Use** | 8.2 (85 reviews) | 8.5 (122 reviews) | | **Ease of Setup** | 8.2 (51 reviews) | 8.1 (81 reviews) | | **Ease of Admin** | 8.4 (40 reviews) | 8.5 (67 reviews) | | **Quality of Support** | 8.4 (72 reviews) | 8.2 (101 reviews) | | **Has the product been a good partner in doing business?** | 8.5 (39 reviews) | 8.3 (60 reviews) | | **Product Direction (% positive)** | 8.5 (77 reviews) | 8.6 (115 reviews) | --- ## Pricing ### JFrog #### Entry-Level Pricing Plan: PRO Price: Starting at $150.00 Per Month Description: Automated Artifact and Container Registry for Individuals & Small teams Key Features: - Universal Binary Repository - Release Lifecycle Management - Unlimited Docker Hub Pulls [Browse all 3 editions](https://www.g2.com/products/jfrog-2024-03-28/pricing) #### Free Trial Yes ### SonarQube #### Entry-Level Pricing Plan: Free Price: Free Description: For developers wanting to try SonarQube. Key Features: - Scan of private projects limited to 50k lines of code - Users limited to max. 5 - Architecture management [Browse all 3 editions](https://www.g2.com/products/sonarqube/pricing) #### Free Trial Yes --- ## Features Comparison By Category ### Application Release Orchestration | Product | Score | Reviews | |---|---|---| | **JFrog** | 7.7/10 | 9 | | **SonarQube** | N/A | N/A | #### Administration | Feature | JFrog | SonarQube | |---|---|---| | **Configuration Management** | 7.1 (8 reviews) | Not enough data | | **Access Control** | 6.9 (8 reviews) | Not enough data | | **Dashboards** | 7.7 (8 reviews) | Not enough data | #### Functionality | Feature | JFrog | SonarQube | |---|---|---| | **Deployment Automation** | 7.5 (8 reviews) | Not enough data | | **Process Analytics** | 7.5 (8 reviews) | Not enough data | | **Plugins** | 8.1 (9 reviews) | Not enough data | | **APIs / Integrations** | 8.5 (9 reviews) | Not enough data | | **Feature Flags** | Feature Not Available | Not enough data | #### Processes | Feature | JFrog | SonarQube | |---|---|---| | **Pipelines** | 8.5 (9 reviews) | Not enough data | | **Orchestration** | 7.4 (9 reviews) | Not enough data | | **Workflow Visualization** | 7.3 (8 reviews) | Not enough data | ### Static Application Security Testing (SAST) | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | 7.3/10 | 25 | #### Administration | Feature | JFrog | SonarQube | |---|---|---| | **API / Integrations** | Not enough data | 7.9 (20 reviews) | | **Extensibility** | Not enough data | 6.0 (20 reviews) | #### Analysis | Feature | JFrog | SonarQube | |---|---|---| | **Reporting and Analytics** | Not enough data | 7.4 (21 reviews) | | **Issue Tracking** | Not enough data | 8.0 (20 reviews) | | **Static Code Analysis** | Not enough data | 9.0 (23 reviews) | | **Code Analysis** | Not enough data | 9.1 (23 reviews) | #### Testing | Feature | JFrog | SonarQube | |---|---|---| | **Command-Line Tools** | Not enough data | 6.6 (18 reviews) | | **Manual Testing** | Not enough data | 5.9 (19 reviews) | | **Test Automation** | Not enough data | 6.0 (21 reviews) | | **Compliance Testing** | Not enough data | 6.9 (18 reviews) | | **Black-Box Scanning** | Not enough data | 6.8 (17 reviews) | | **Detection Rate** | Not enough data | 8.2 (21 reviews) | | **False Positives** | Not enough data | 6.7 (23 reviews) | #### Agentic AI - Static Application Security Testing (SAST) | Feature | JFrog | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | ### Cloud Infrastructure Automation | Product | Score | Reviews | |---|---|---| | **JFrog** | 8.7/10 | 5 | | **SonarQube** | N/A | N/A | #### Administration | Feature | JFrog | SonarQube | |---|---|---| | **Administration Console** | 8.7 (5 reviews) | Not enough data | | **Task Management** | 8.7 (5 reviews) | Not enough data | | **Dashboards and Visualizations** | 9.0 (5 reviews) | Not enough data | | **Access Control** | 9.3 (5 reviews) | Not enough data | #### Automation | Feature | JFrog | SonarQube | |---|---|---| | **Test Automation** | Not enough data | Not enough data | | **Intelligent Automation** | Feature Not Available | Not enough data | | **Release Automation** | 8.7 (5 reviews) | Not enough data | | **Automated Provisioning** | Feature Not Available | Not enough data | #### IT Management | Feature | JFrog | SonarQube | |---|---|---| | **Workflow Management** | Not enough data | Not enough data | | **Infrastructure Management** | 7.7 (5 reviews) | Not enough data | | **IT Discovery** | Not enough data | Not enough data | ### MLOps Platforms | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Deployment | Feature | JFrog | SonarQube | |---|---|---| | **Language Flexibility** | Not enough data | Not enough data | | **Framework Flexibility** | Not enough data | Not enough data | | **Versioning** | Not enough data | Not enough data | | **Ease of Deployment** | Not enough data | Not enough data | | **Scalability** | Not enough data | Not enough data | #### Deployment | Feature | JFrog | SonarQube | |---|---|---| | **Language Flexibility** | Not enough data | Not enough data | | **Framework Flexibility** | Not enough data | Not enough data | | **Versioning** | Not enough data | Not enough data | | **Ease of Deployment** | Not enough data | Not enough data | | **Scalability** | Not enough data | Not enough data | #### Management | Feature | JFrog | SonarQube | |---|---|---| | **Cataloging** | Not enough data | Not enough data | | **Monitoring** | Not enough data | Not enough data | | **Governing** | Not enough data | Not enough data | | **Model Registry** | Not enough data | Not enough data | #### Operations | Feature | JFrog | SonarQube | |---|---|---| | **Metrics** | Not enough data | Not enough data | | **Infrastructure management** | Not enough data | Not enough data | | **Collaboration** | Not enough data | Not enough data | #### Management | Feature | JFrog | SonarQube | |---|---|---| | **Cataloging** | Not enough data | Not enough data | | **Monitoring** | Not enough data | Not enough data | | **Governing** | Not enough data | Not enough data | #### Generative AI | Feature | JFrog | SonarQube | |---|---|---| | **AI Text Generation** | Not enough data | Not enough data | | **AI Text Summarization** | Not enough data | Not enough data | ### Continuous Delivery | Product | Score | Reviews | |---|---|---| | **JFrog** | 8.2/10 | 12 | | **SonarQube** | N/A | N/A | #### Functionality | Feature | JFrog | SonarQube | |---|---|---| | **Deployment-Ready Staging** | 8.2 (10 reviews) | Not enough data | | **Integration** | 8.2 (10 reviews) | Not enough data | | **Extensible** | 8.6 (11 reviews) | Not enough data | #### Management | Feature | JFrog | SonarQube | |---|---|---| | **Processes and Workflow** | 8.5 (11 reviews) | Not enough data | | **Reporting** | 7.4 (9 reviews) | Not enough data | | **Automation** | 8.2 (10 reviews) | Not enough data | #### Agentic AI - Continuous Delivery | Feature | JFrog | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Cross-system Integration** | Not enough data | Not enough data | | **Adaptive Learning** | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | ### Software Development Analytics Tools | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | 8.0/10 | 35 | #### Functionality | Feature | JFrog | SonarQube | |---|---|---| | **Repository Integration** | Not enough data | 8.1 (32 reviews) | | **Analytics and Trends** | Not enough data | 8.5 (31 reviews) | | **Productivity Updates** | Not enough data | 8.2 (29 reviews) | #### Management | Feature | JFrog | SonarQube | |---|---|---| | **Historical Data Consolidation** | Not enough data | Feature Not Available | | **Data Context** | Not enough data | 7.5 (26 reviews) | | **Testing Integration** | Not enough data | 7.9 (29 reviews) | ### Repository Management | Product | Score | Reviews | |---|---|---| | **JFrog** | 6.7/10 | 11 | | **SonarQube** | N/A | N/A | #### Functionality | Feature | JFrog | SonarQube | |---|---|---| | **Package Management** | 7.2 (9 reviews) | Not enough data | | **Integration** | 6.7 (9 reviews) | Not enough data | | **Code Analysis** | 6.3 (8 reviews) | Not enough data | | **Vulnerability Checks** | 6.2 (7 reviews) | Not enough data | #### Management | Feature | JFrog | SonarQube | |---|---|---| | **Package Access Control** | 8.3 (11 reviews) | Not enough data | | **Package Tracking** | 7.1 (8 reviews) | Not enough data | | **Automation** | 4.7 (6 reviews) | Not enough data | | **Rollback** | 6.7 (9 reviews) | Not enough data | ### Bug Tracking | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | 8.1/10 | 11 | #### Bug Reporting | Feature | JFrog | SonarQube | |---|---|---| | **User Reports & Feedback** | Not enough data | 7.7 (10 reviews) | | **Tester Reports & Feedback** | Not enough data | 8.0 (10 reviews) | | **Team Reports & Comments** | Not enough data | 8.3 (10 reviews) | #### Bug Monitoring | Feature | JFrog | SonarQube | |---|---|---| | **Analytics** | Not enough data | 7.8 (10 reviews) | | **Bug History** | Not enough data | 8.2 (10 reviews) | | **Data Retention** | Not enough data | 8.5 (10 reviews) | #### Agentic AI - Bug Tracking | Feature | JFrog | SonarQube | |---|---|---| | **Adaptive Learning** | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | ### Software Composition Analysis | Product | Score | Reviews | |---|---|---| | **JFrog** | 9.3/10 | 5 | | **SonarQube** | N/A | N/A | #### Functionality - Software Composition Analysis | Feature | JFrog | SonarQube | |---|---|---| | **Language Support** | Not enough data | Not enough data | | **Integration** | Not enough data | Not enough data | | **Transparency** | Not enough data | Not enough data | #### Effectiveness - Software Composition Analysis | Feature | JFrog | SonarQube | |---|---|---| | **Remediation Suggestions** | Not enough data | Not enough data | | **Continuous Monitoring** | 9.3 (5 reviews) | Not enough data | | **Thorough Detection** | Not enough data | Not enough data | ### IoT Device Management Platforms | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Device Recognition | Feature | JFrog | SonarQube | |---|---|---| | **Device Discovery** | Not enough data | Not enough data | | **Device Types** | Not enough data | Not enough data | | **Dashboard** | Not enough data | Not enough data | #### Monitoring | Feature | JFrog | SonarQube | |---|---|---| | **Device Status** | Not enough data | Not enough data | | **Alerts & Notifications** | Not enough data | Not enough data | | **Analytics** | Not enough data | Not enough data | #### Provisioning | Feature | JFrog | SonarQube | |---|---|---| | **Remote Configuration** | Not enough data | Not enough data | | **Event Triggering** | Not enough data | Not enough data | | **Device Diagnostics & Repair** | Not enough data | Not enough data | | **Firmware Updates** | Not enough data | Not enough data | ### DevOps Platforms | Product | Score | Reviews | |---|---|---| | **JFrog** | 7.4/10 | 18 | | **SonarQube** | N/A | N/A | #### Management | Feature | JFrog | SonarQube | |---|---|---| | **Configuration Management** | 7.6 (15 reviews) | Not enough data | | **Access Control** | 7.2 (12 reviews) | Not enough data | | **Orchestration** | 7.3 (10 reviews) | Not enough data | #### Functionality | Feature | JFrog | SonarQube | |---|---|---| | **Automation** | 7.1 (13 reviews) | Not enough data | | **Integrations** | 7.2 (13 reviews) | Not enough data | | **Extensibility** | 6.2 (10 reviews) | Not enough data | #### Processes | Feature | JFrog | SonarQube | |---|---|---| | **Pipeline Control** | 8.5 (13 reviews) | Not enough data | | **Workflow Visualization** | 7.0 (10 reviews) | Not enough data | | **Continuous Deployment** | 8.6 (14 reviews) | Not enough data | ### Continuous Integration | Product | Score | Reviews | |---|---|---| | **JFrog** | 7.7/10 | 11 | | **SonarQube** | N/A | N/A | #### Functionality | Feature | JFrog | SonarQube | |---|---|---| | **Integrations** | 8.0 (10 reviews) | Not enough data | | **Extensibility** | 8.0 (10 reviews) | Not enough data | | **Test Customization** | 7.8 (9 reviews) | Not enough data | #### Management | Feature | JFrog | SonarQube | |---|---|---| | **Automation** | 7.5 (10 reviews) | Not enough data | | **Processes and Workflow** | 7.8 (10 reviews) | Not enough data | | **Reporting** | 6.9 (9 reviews) | Not enough data | #### Agentic AI - Continuous Integration | Feature | JFrog | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Cross-system Integration** | Not enough data | Not enough data | | **Adaptive Learning** | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | ### Secure Code Review | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | 7.5/10 | 45 | #### Documentation | Feature | JFrog | SonarQube | |---|---|---| | **Feedback** | Not enough data | 8.0 (42 reviews) | | **Prioritization** | Not enough data | 7.6 (37 reviews) | | **Remediation Suggestions** | Not enough data | 8.3 (38 reviews) | #### Security | Feature | JFrog | SonarQube | |---|---|---| | **False Positives** | Not enough data | 6.7 (37 reviews) | | **Custom Compliance** | Not enough data | 7.0 (34 reviews) | | **Agility** | Not enough data | 7.9 (37 reviews) | ### Software Supply Chain Security Tools | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Security | Feature | JFrog | SonarQube | |---|---|---| | **Tampering** | Not enough data | Not enough data | | **Malicious Code** | Not enough data | Not enough data | | **Verification** | Not enough data | Not enough data | | **Security Risks** | Not enough data | Not enough data | #### Tracking | Feature | JFrog | SonarQube | |---|---|---| | **Bill of Materials** | Not enough data | Not enough data | | **Audit Trails** | Not enough data | Not enough data | | **Monitoring** | Not enough data | Not enough data | ### Application Security Posture Management (ASPM) | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | 8.5/10 | 7 | #### Risk management - Application Security Posture Management (ASPM) | Feature | JFrog | SonarQube | |---|---|---| | **Vulnerability Management** | Not enough data | 9.3 (5 reviews) | | **Risk Assessment and Prioritization** | Not enough data | Feature Not Available | | **Compliance Management** | Not enough data | 9.0 (5 reviews) | | **Policy Enforcement** | Not enough data | 8.9 (6 reviews) | #### Integration and efficiency - Application Security Posture Management (ASPM) | Feature | JFrog | SonarQube | |---|---|---| | **Integration with Development Tools** | Not enough data | 7.8 (6 reviews) | | **Automation and Efficiency** | Not enough data | Feature Not Available | #### Reporting and Analytics - Application Security Posture Management (ASPM) | Feature | JFrog | SonarQube | |---|---|---| | **Trend Analysis** | Not enough data | 7.8 (6 reviews) | | **Risk Scoring** | Not enough data | Not enough data | | **Customizable Dashboards** | Not enough data | 8.3 (5 reviews) | #### Agentic AI - Application Security Posture Management (ASPM) | Feature | JFrog | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Multi-step Planning** | Not enough data | Not enough data | ### Software Bill of Materials (SBOM) | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Functionality - Software Bill of Materials (SBOM) | Feature | JFrog | SonarQube | |---|---|---| | **Format Support** | Not enough data | Not enough data | | **Annotations** | Not enough data | Not enough data | | **Attestation** | Not enough data | Not enough data | #### Management - Software Bill of Materials (SBOM) | Feature | JFrog | SonarQube | |---|---|---| | **Monitoring** | Not enough data | Not enough data | | **Dashboards** | Not enough data | Not enough data | | **User Provisioning** | Not enough data | Not enough data | ### AI Governance Tools | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | N/A | N/A | #### AI Compliance | Feature | JFrog | SonarQube | |---|---|---| | **Regulatory Reporting** | Not enough data | Not enough data | | **Automated Compliance** | Not enough data | Not enough data | | **Audit Trails** | Not enough data | Feature Not Available | #### Risk Management & Monitoring | Feature | JFrog | SonarQube | |---|---|---| | **AI Risk Management** | Not enough data | Feature Not Available | | **Real-time Monitoring** | Not enough data | Not enough data | #### AI Lifecycle Management | Feature | JFrog | SonarQube | |---|---|---| | **Lifecycle Automation** | Not enough data | Feature Not Available | #### Access Control and Security | Feature | JFrog | SonarQube | |---|---|---| | **Pole-based Access Control (RBAC)** | Not enough data | Not enough data | #### Collaboration and Communication | Feature | JFrog | SonarQube | |---|---|---| | **Model Sharing and Reuse** | Not enough data | Feature Not Available | #### Agentic AI - AI Governance Tools | Feature | JFrog | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Multi-step Planning** | Not enough data | Not enough data | | **Cross-system Integration** | Not enough data | Not enough data | | **Adaptive Learning** | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Feature Not Available | | **Decision Making** | Not enough data | Not enough data | ### Static Code Analysis | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | 6.2/10 | 8 | #### Agentic AI - Static Code Analysis | Feature | JFrog | SonarQube | |---|---|---| | **Adaptive Learning** | Not enough data | 6.3 (8 reviews) | | **Natural Language Interaction** | Not enough data | 5.7 (7 reviews) | | **Proactive Assistance** | Not enough data | 6.7 (8 reviews) | ### AI AppSec Assistants | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Performance - AI AppSec Assistants | Feature | JFrog | SonarQube | |---|---|---| | **Remediation** | Not enough data | Not enough data | | **Real-time Vulnerability Detection** | Not enough data | Not enough data | | **Accuracy** | Not enough data | Not enough data | #### Integration - AI AppSec Assistants | Feature | JFrog | SonarQube | |---|---|---| | **Stack Integration** | Not enough data | Not enough data | | **Workflow Integration** | Not enough data | Not enough data | | **Codebase Contextual Awareness** | Not enough data | Not enough data | ### Cloud Security | Product | Score | Reviews | |---|---|---| | **JFrog** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Cloud Visibility | Feature | JFrog | SonarQube | |---|---|---| | **Data Discovery** | Not enough data | Not enough data | | **Cloud Registry** | Not enough data | Not enough data | | **Cloud Gap Analytics** | Not enough data | Not enough data | #### Security | Feature | JFrog | SonarQube | |---|---|---| | **Data Security** | Not enough data | Not enough data | | **Data loss Prevention** | Not enough data | Not enough data | | **Security Auditing** | Not enough data | Not enough data | #### Identity | Feature | JFrog | SonarQube | |---|---|---| | **SSO** | Not enough data | Not enough data | | **Governance** | Not enough data | Not enough data | | **User Analytics** | Not enough data | Not enough data | --- ## Categories **Shared Categories (3):** [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast) **Unique to JFrog (11):** [DevOps Platforms](https://www.g2.com/categories/devops-platforms), [Repository Management Software](https://www.g2.com/categories/repository-management), [MLOps Platforms](https://www.g2.com/categories/mlops-platforms), [IoT Device Management Platforms](https://www.g2.com/categories/iot-device-management-platforms), [Cloud Infrastructure Automation Software](https://www.g2.com/categories/cloud-infrastructure-automation), [Application Release Orchestration (ARO) Tools](https://www.g2.com/categories/application-release-orchestration), [Container Registry Software](https://www.g2.com/categories/container-registry), [Version Control Hosting Software](https://www.g2.com/categories/version-control-hosting), [Continuous Delivery Tools](https://www.g2.com/categories/continuous-delivery-tools), [Continuous Integration Tools](https://www.g2.com/categories/continuous-integration), [Software Supply Chain Security Solutions](https://www.g2.com/categories/software-supply-chain-security-tools) **Unique to SonarQube (7):** [Application Security Posture Management (ASPM) Software](https://www.g2.com/categories/application-security-posture-management-aspm), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Software Development Analytics Tools](https://www.g2.com/categories/software-development-analytics-tools), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Bug Tracking Software](https://www.g2.com/categories/bug-tracking), [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [ AI Governance Tools](https://www.g2.com/categories/ai-governance-tools) --- ## Reviewer Demographics ### By Company Size | Segment | JFrog | SonarQube | |---|---|---| | **Small-Business** | 23.9% | 18.1% | | **Mid-Market** | 29.9% | 39.9% | | **Enterprise** | 46.2% | 42.0% | ### By Industry #### JFrog - **Information Technology and Services:** 32.7% - **Computer Software:** 13.1% - **Financial Services:** 8.4% - **Computer & Network Security:** 5.6% - **Banking:** 2.8% - **Hospital & Health Care:** 2.8% - **Insurance:** 2.8% - **Internet:** 2.8% - **Automotive:** 1.9% - **Construction:** 1.9% - **Other:** 25.2% #### SonarQube - **Information Technology and Services:** 26.7% - **Computer Software:** 20.7% - **Financial Services:** 7.4% - **Banking:** 3.7% - **Computer & Network Security:** 3.0% - **Hospital & Health Care:** 3.0% - **Manufacturing:** 2.2% - **Automotive:** 2.2% - **Aviation & Aerospace:** 2.2% - **Telecommunications:** 2.2% - **Other:** 26.7% --- ## Alternatives ### Alternatives to JFrog - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2355 reviews) - [Jenkins](https://www.g2.com/products/jenkins/reviews) — 4.4/5 stars (563 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) - [CloudBees](https://www.g2.com/products/cloudbees/reviews) — 4.4/5 stars (621 reviews) - [CircleCI](https://www.g2.com/products/circleci/reviews) — 4.4/5 stars (509 reviews) - [Azure Pipelines](https://www.g2.com/products/azure-pipelines/reviews) — 4.3/5 stars (375 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (793 reviews) - [Bitbucket](https://www.g2.com/products/bitbucket/reviews) — 4.4/5 stars (1007 reviews) - [Harness Platform](https://www.g2.com/products/harness-platform/reviews) — 4.6/5 stars (281 reviews) ### Alternatives to SonarQube - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2355 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (891 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews) - [Semgrep](https://www.g2.com/products/semgrep/reviews) — 4.6/5 stars (55 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews) - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews) - [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (38 reviews) - [Kiuwan Code Security & Insights](https://www.g2.com/products/kiuwan-code-security-insights/reviews) — 4.5/5 stars (34 reviews) - [Embold](https://www.g2.com/products/embold/reviews) — 4.7/5 stars (18 reviews) --- ## Top Discussions ### JFrog No discussions available for this product. ### SonarQube No discussions available for this product. --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/jfrog-2024-03-28-vs-sonarqube)