SonarQube vs Veracode: What are the differences?
Developers describe SonarQube as "Continuous Code Quality". SonarQube provides an overview of the overall health of your source code and, more importantly, highlights issues found in new code. With a Quality Gate set on your project, you will simply fix the Leak and start mechanically improving. Veracode, on the other hand, is described as "A simpler and more scalable way to increase the resiliency of your global application infrastructure". It integrates application security into the software lifecycle, eliminating vulnerabilities at the lowest-cost point in the development/deployment chain and blocking threats in production.
SonarQube and Veracode can be categorized as "Code Review" tools.
SonarQube is an open-source tool with 3.93K GitHub stars and 1.11K GitHub forks; its source repository is hosted on GitHub.