Try our new research platform with insights from 80,000+ expert users

Klocwork vs SonarQube Cloud (formerly SonarCloud) comparison

Perforce and Sonar are both solutions in the Static Application Security Testing (SAST) category. Perforce is ranked #17 with an average rating of 8.2, while Sonar is ranked #9 with an average rating of 8.1. Perforce holds a 1.5% mindshare in SAST, compared to Sonar’s 4.2% mindshare. Additionally, 93% of Perforce users are willing to recommend the solution, compared to 100% of Sonar users who would recommend it.
Klocwork
Read 25 Klocwork reviews
  • 3,353 Views
  • 2,448 Comparison Views
93% willing to recommend
SonarQube Cloud (formerly S...
Read 16 SonarQube Cloud (formerly SonarCloud) reviews
  • 6,615 Views
  • 6,549 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 21, 2025

Klocwork and SonarQube Cloud are leaders in static code analysis. Klocwork seems to have the upper hand in industries requiring high safety and reliability due to its deep static analysis and low false positives, whereas SonarQube Cloud excels as a SaaS solution ideal for continuous integration without maintenance needs.

Features: Klocwork offers extensive customization capabilities, supports industry standards, and integrates seamlessly into CI pipelines, helping find defects early with low false positives. It also supports a wide range of IDEs, enhancing developer experience. SonarQube Cloud provides excellent vulnerability detection, efficient GitLab integration, and offers continuous insights into code quality with minimal false positives. It also caters to mono and multi-report needs, enhancing its adaptability to different project requirements.

Room for Improvement: Klocwork could expand language support and improve handling of global variables, addressing integration challenges and the efficiency of upgrading processes. SonarQube Cloud needs better documentation and customization to improve dynamic analysis capabilities. Addressing false positives and offering more detailed solutions to code issues are other suggested improvements.

Ease of Deployment and Customer Service: Klocwork is traditionally on-premises but is known for strong support and responsiveness. It has an extensive global presence and offers a comprehensive reporting structure. SonarQube Cloud, as a cloud solution, provides flexibility and requires no maintenance but faces potential integration issues. Users report good customer service, though some documentation clarity issues remain.

Pricing and ROI: Klocwork is competitively priced with flexible licensing but can be costly due to licensing restrictions. Its ROI is praised for compliance ease and code quality improvements. SonarQube Cloud, typically less expensive for smaller codebases, charges based on analyzed lines of code. It's economical but perceived as expensive for small companies. Users value its ROI for improved code quality and reducing developmental defects.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Klocwork vs. SonarQube Cloud (formerly SonarCloud) Report (Updated: September 2025).
Buyer's Guide
Klocwork vs. SonarQube Cloud (formerly SonarCloud)
September 2025
Download the complete report
Helped 868,787 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
6.2
Klocwork enhances code quality and compliance, improving efficiency in defect resolution, especially in automotive sectors, despite ROI measurement challenges.
Sentiment score
4.9
SonarQube Cloud helps improve code quality and save costs, though ROI measurement is challenging due to rising expenses.
The main ROI factors include efficiency and how we meet compliance standards for various automotive requirements.
For more quotes and insights, download the Klocwork report
It is easily integrable with the CI/CD pipeline and supports multiple projects with its extensive plugin options.
The product is designed for bigger clients, while smaller companies are often put aside.
For more quotes and insights, download the SonarQube Cloud (formerly SonarCloud) report
KG
Archana Verma - PeerSpot reviewer
RG
 

Customer Service

Sentiment score
6.8
Klocwork's support is praised for responsiveness, effective problem-solving, and reducing user contact via comprehensive documentation, despite prioritization issues.
Sentiment score
6.4
SonarQube Cloud offers good community support but needs better documentation and technical engagement, with mixed feedback on support responsiveness.
The issue is not about the knowledge of the support but about the prioritization of the tickets they handle.
The customer support team is very responsive, proactive, and engages in conversations to ensure our needs are met.
During the initial phase when I did interact with the vendor, the support was satisfactory.
For more quotes and insights, download the Klocwork report
Integrating it into different solutions is straightforward.
The customer service and support for SonarQube Cloud are responsive and helpful.
For more quotes and insights, download the SonarQube Cloud (formerly SonarCloud) report
KG
AA
PM
RG
Archana Verma - PeerSpot reviewer
 

Scalability Issues

Sentiment score
6.7
Klocwork is scalable, efficient, and integrates well with SAST tools, suitable for teams of all sizes without scalability issues.
Sentiment score
5.5
SonarQube Cloud is praised for scalability, though billing and comparisons suggest areas for improvement and expansion potential.
Klocwork supports our scalability needs without issues, even as project volumes increase.
The program-to-program enablement is scalable.
For more quotes and insights, download the Klocwork report
It has been used in multiple projects and performs well.
There are limitations, and it seems to have fewer capabilities than Veracode.
SonarQube Cloud is a scalable product, and I rate its scalability at seven out of ten.
For more quotes and insights, download the SonarQube Cloud (formerly SonarCloud) report
AA
PM
reviewer933816 - PeerSpot reviewerreviewer2356089 - PeerSpot reviewerArchana Verma - PeerSpot reviewer
 

Stability Issues

Sentiment score
6.8
Klocwork is reliable and stable, effectively handling large codebases but requires significant computing power and faster updates.
Sentiment score
6.8
SonarQube Cloud is stable and reliable but needs improved documentation, integration, onboarding, and community support for better usability.
Installation is easy, and the solution is stable.
For more quotes and insights, download the Klocwork report
It is a quite stable solution.
From my team's feedback, it is almost an eight out of ten.
For more quotes and insights, download the SonarQube Cloud (formerly SonarCloud) report
GR
Archana Verma - PeerSpot reviewerreviewer2356089 - PeerSpot reviewer
 

Room For Improvement

Klocwork needs improved language support, flexible reporting, better integration with Agile DevOps, and enhanced static and dynamic analysis.
SonarQube Cloud users seek improvements in reporting, integration, customization, and documentation, alongside dynamic analysis and automated vulnerability detection.
We would like Klocwork to connect to Git and notify developers of issues tied to specific commits.
Klocwork sometimes provides too many additional warnings which require expertise to manage.
There are too many warnings, and it requires expertise to determine the correct category for them.
For more quotes and insights, download the Klocwork report
Static code analysis is good, but the product lacks dynamic code scanning capabilities, an area where Veracode excels.
To improve SonarQube Cloud (formerly SonarCloud), it should excel in all these domains.
I would like to see SonarQube Cloud provide more detailed solutions for fixing code issues, especially solutions related to CVEs.
For more quotes and insights, download the SonarQube Cloud (formerly SonarCloud) report
AA
PM
GR
reviewer933816 - PeerSpot reviewer
RG
Archana Verma - PeerSpot reviewer
 

Setup Cost

Klocwork's flexible pricing models are valued, though opinions vary on cost-effectiveness, catering to diverse organizational needs.
SonarQube Cloud's pricing is scalable yet potentially costly for smaller companies, though efficient for minimizing repeated scans.
It is less expensive than Coverity.
Klocwork was competitively priced, making it a cost-effective solution for us.
Klocwork's pricing seems attractive, as it uses a per-user license model that does not have a lot of overhead.
For more quotes and insights, download the Klocwork report
SonarQube Cloud is roughly equivalent in cost to Veracode, maybe a little cheaper.
From my experience, SonarQube Cloud (formerly SonarCloud) is very expensive for small companies.
We used the open-source version of SonarQube Cloud for its minimum features and did not license its extensive capabilities.
For more quotes and insights, download the SonarQube Cloud (formerly SonarCloud) report
PM
AA
KG
reviewer2356089 - PeerSpot reviewer
RG
reviewer933816 - PeerSpot reviewer
 

Valuable Features

Klocwork provides efficient static code analysis with strong IDE integration, supporting multiple languages and enhancing code quality and collaboration.
SonarQube Cloud enhances code quality with seamless CI/CD integration, detailed reports, and supports startups and mid-sized businesses.
The most valuable feature of Klocwork is the static analysis tools, which help identify potential security threats and errors.
Its integration with the CI/CD pipeline has helped streamline the software development process.
It takes just half a day to set up.
For more quotes and insights, download the Klocwork report
The most valuable features of SonarQube Cloud (formerly SonarCloud) include code inspection, addressing technical debt, and identifying security vulnerabilities.
I use SonarQube Cloud (formerly SonarCloud) to check the quality of developer code and identify vulnerabilities.
It gives precise reports compared to Coverity and has a slightly lower number of false positives.
For more quotes and insights, download the SonarQube Cloud (formerly SonarCloud) report
AA
KG
GR
reviewer933816 - PeerSpot reviewer
RG
Archana Verma - PeerSpot reviewer
 

Categories and Ranking

Klocwork
Ranking in Static Application Security Testing (SAST)
17th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
25
Ranking in other categories
Application Security Tools (19th), Static Code Analysis (6th)
SonarQube Cloud (formerly S...
Ranking in Static Application Security Testing (SAST)
9th
Average Rating
8.2
Reviews Sentiment
6.2
Number of Reviews
16
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2025, in the Static Application Security Testing (SAST) category, the mindshare of Klocwork is 1.5%, down from 1.8% compared to the previous year. The mindshare of SonarQube Cloud (formerly SonarCloud) is 4.2%, down from 5.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Market Share Distribution
ProductMarket Share (%)
SonarQube Cloud (formerly SonarCloud)4.2%
Klocwork1.5%
Other94.3%
Static Application Security Testing (SAST)
 

Featured Reviews

AnirbanSarkar - PeerSpot reviewer
Lets you find defects during the development phase, so you don't have to wait till the development is over to find and address flaws
What needs improvement in Klocwork, compared to other products in the market, is the dashboard or reporting mechanisms that need to be a bit more flexible. The Klocwork dashboard could be improved. Though it's good, it's not as good as some of the other products in the market, which is a problem. The reporting could be more detailed and easier to sort out because sorting in Klocwork could be a bit more time-consuming, mainly when sorting defects based on filters, compared to how it's done on other tools such as Coverity. What I'd like added in the next release of Klocwork is the peer code review Cahoots which used to be a part of Klocwork, and the architecture analysis and both have been taken out of Klocwork. I found the two critical for specific deployments, so if those can be brought back to Klocwork, that would be very good.
Read full review
Archana Verma - PeerSpot reviewer
Provides valuable insights on code vulnerabilities and integrates seamlessly with CI/CD pipelines
I find SonarQube Cloud to be very user-friendly with an easy-to-use interface. It provides detailed code smell reports and insights on hotspots, which can later represent security vulnerabilities. It gives precise reports compared to Coverity and has a slightly lower number of false positives. It is integrated easily with the CI/CD pipeline, saving time and cost. It provides information on upcoming vulnerability details and loopholes that might turn into vulnerabilities.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
See recommendations
868,787 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
26%
Computer Software Company
12%
Comms Service Provider
7%
Transportation Company
6%
Computer Software Company
16%
Financial Services Firm
10%
Manufacturing Company
9%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business12
Midsize Enterprise2
Large Enterprise12
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise4
 

Questions from the Community

What is your experience regarding pricing and costs for Klocwork?
Klocwork's pricing seems attractive, as it uses a per-user license model that does not have a lot of overhead.
See all answers
What needs improvement with Klocwork?
One area for improvement is that when customers use different static analysis tools, they report more issues compared to Klocwork. The static analysis engine of Klocwork has areas that need improve...
See all answers
What is your primary use case for Klocwork?
I work on tools such as Klocwork, LDRA, as well as Jira and Confluence, focusing more on the software quality assurance aspect. We use Klocwork for coding and aggregate checks. We use it for static...
See all answers
What do you like most about SonarCloud?
Recently, they introduced support for mono reports and microservices, which is a noteworthy development as it provides a more detailed view of each service.
See all answers
What is your experience regarding pricing and costs for SonarCloud?
From my experience, SonarQube Cloud (formerly SonarCloud) is very expensive for small companies. It would be a great improvement if the price for smaller companies were reduced, as I do not have th...
See all answers
What needs improvement with SonarCloud?
Sometimes, there are tracking issues. It has its own graphical GUI where we can track everything. Since most of our projects are open source, there are multiple features which can be improved. For ...
See all answers
 

Comparisons

Coverity Static vs Klocwork Logo
Coverity Static vs Klocwork
Compared 28% of the time
SonarQube Server (formerly SonarQube) vs Klocwork Logo
SonarQube Server (formerly SonarQube) vs Klocwork
Compared 27% of the time
Polyspace Code Prover vs Klocwork Logo
Polyspace Code Prover vs Klocwork
Compared 14% of the time
Helix QAC vs Klocwork Logo
Helix QAC vs Klocwork
Compared 6% of the time
More Klocwork Competitors
SonarQube Server (formerly SonarQube) vs SonarQube Cloud (formerly SonarCloud) Logo
SonarQube Server (formerly SonarQube) vs SonarQube Cloud (formerly SonarCloud)
Compared 33% of the time
Snyk vs SonarQube Cloud (formerly SonarCloud) Logo
Snyk vs SonarQube Cloud (formerly SonarCloud)
Compared 16% of the time
Semgrep vs SonarQube Cloud (formerly SonarCloud) Logo
Semgrep vs SonarQube Cloud (formerly SonarCloud)
Compared 6% of the time
GitLab vs SonarQube Cloud (formerly SonarCloud) Logo
GitLab vs SonarQube Cloud (formerly SonarCloud)
Compared 6% of the time
Veracode vs SonarQube Cloud (formerly SonarCloud) Logo
Veracode vs SonarQube Cloud (formerly SonarCloud)
Compared 5% of the time
More SonarQube Cloud (formerly SonarCloud) Competitors
 

Product Reports

Buyer's Guide
Klocwork
September 2025
Klocwork reportDownload Klocwork product report
Buyer's Guide
SonarQube Cloud (formerly SonarCloud)
September 2025
SonarQube Cloud (formerly SonarCloud) reportDownload SonarQube Cloud (formerly SonarCloud) product report
 

Overview

Klocwork detects security, safety, and reliability issues in real-time by using this static code analysis toolkit that works alongside developers, finding issues as early as possible, and integrates with teams, supporting continuous integration and actionable reporting.

Perforce

SonarQube Cloud offers static code analysis and application security testing, seamlessly integrating into CI/CD pipelines. It's a vital tool for identifying vulnerabilities and ensuring code quality before deployment.

SonarQube Cloud is widely used for its ability to integrate with tools like GitHub, Jenkins, and Bitbucket, providing critical feedback at the pull request level. It's designed to help organizations maintain clean code by acting as a quality gate. This service supports development methodologies including sprints and Kanban for ongoing vulnerability management. While appreciated for its dashboard and integration capabilities, some users find initial setup challenging and note the need for enhanced documentation. The recent addition of mono reports and microservices support offers deeper insights into security and code quality, though container testing limitations and false positives are noted drawbacks. Manual intervention is sometimes required to address detailed reporting, with external tools being necessary for comprehensive analysis. Notifications for larger teams during serious issues and streamlined integration of new features are also areas of improvement.

What are the key features of SonarQube Cloud?
  • Vulnerability Detection: Identifies potential security threats within code.
  • Security Hotspots: Highlights sections of the code that require closer inspection.
  • Feedback on Feature Branches: Enables early detection and resolution of quality issues.
  • No Maintenance: Ensures focus remains on development rather than tool upkeep.
  • Mono and Multi-Reports: Offers diverse insights into code quality.
What benefits should users look for?
  • Integration Ease: Seamlessly connects with popular development platforms.
  • Continuous Code Analysis: Provides consistent feedback to improve code standards.
  • Unified Quality View: Dashboard offers a comprehensive look at code metrics.
  • Security Insights: Detailed information on vulnerabilities and their impact.

In specific industries, SonarQube Cloud finds application in finance and healthcare where code integrity and security are paramount. It allows teams to identify critical vulnerabilities early and ensures that software development aligns with industry regulations and standards. By continuously analyzing code, it aids organizations in deploying secure and reliable applications, fostering trust and compliance.

Sonar
 

Sample Customers

ACCESS Co Ltd, Risk-AI, Winbond Electronics, Bristol-Myers Squibb Pharmaceutical Research Institute, University of Southern California, Alebra Technologies, SIMULIA, Risk Management Solutions, Brigham Young University, SRD, HRL
Information Not Available
Buyer's Guide
Klocwork vs. SonarQube Cloud (formerly SonarCloud)
September 2025
Free Report: Klocwork vs. SonarQube Cloud (formerly SonarCloud)
Find out what your peers are saying about Klocwork vs. SonarQube Cloud (formerly SonarCloud) and other solutions. Updated: September 2025.
DOWNLOAD NOW
868,787 professionals have used our research since 2012.
See our Klocwork vs. SonarQube Cloud (formerly SonarCloud) report.
See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.