SonarQube
CI/CD Stage: Security
Product Type: Security
Product: SonarQube
Company: SonarQube
Community
Founder(s): Olivier Gaudin, Freddy Mallet, Simon Brandhof
Founded: 2008

SonarQube

SonarQube is a web-based, open-source platform used to measure and analyze source code quality. It supports multi-language applications and both modern and legacy workflows.

Early security feedback, empowered developers

Security issues should not be considered the de facto realm of security teams.

Beyond the words (DevSecOps, SDLC, etc.), the true opportunity lies in developers writing more secure code, with SonarQube detecting vulnerabilities, explaining their nature, and giving appropriate next steps.

Feel engaged: Getting security feedback during code review is your opportunity to learn and feel more engaged.

Keep it safe: A deep understanding of the issue and its implications leads to a better fix and a safer application.

Increase throughput: Fixing security issues later in the workflow costs time and money; it's plain and simple. If you shorten the feedback loop, throughput naturally increases.

Elevate your game: Directly involving the development team increases knowledge sharing about the nature of security threats and improves overall clean coding abilities.

Dedicated UI to track untrusted user input: Quickly navigate any issue from the vulnerability source to the code location (‘sink’) where the compromise occurs.