SonarQube Server Description

SonarQube Server serves as a self-hosted solution for ongoing code quality assessment, enabling development teams to detect and address bugs, vulnerabilities, and code issues in real time. It delivers automated static analysis across multiple programming languages, ensuring that the highest standards of quality and security are upheld throughout the software development process. Additionally, SonarQube Server integrates effortlessly with current CI/CD workflows, providing options for both on-premise and cloud deployments. Equipped with sophisticated reporting capabilities, it assists teams in managing technical debt, monitoring progress, and maintaining coding standards. This platform is particularly well-suited for organizations desiring comprehensive oversight of their code quality and security while maintaining high performance levels. Furthermore, SonarQube fosters a culture of continuous improvement within development teams, encouraging proactive measures to enhance code integrity over time.

SonarQube Server Alternatives
Parasoft Reviews
Parasoft
(120 Ratings)
Parasoft's mission is to provide automated testing solutions and expertise that empower organizations to expedite delivery of safe and reliable software. A powerful unified C and C++ test automation solution for static analysis, unit testing and structural code coverage, Parasoft C/C++test helps satisfy compliance with industry functional safety and security requirements for embedded software systems.
Learn more
Cortex Reviews
Cortex
(3 Ratings)
Cortex Internal Developer Portal allows engineering organizations to easily gain visibility into services and deliver high-quality software. Scorecards allow teams to focus on what is most important to them, such as service quality, production ready standards, and migrations. Cortex's Service Catalog integrates with popular engineering tools to give teams an easy way of understanding everything about their architecture. Teams help organizations improve service quality while fostering a sense ownership and pride. Scaffolder allows developers to scaffold a new service using templates created by your team in less than five minute.
Learn more
Windsurf Editor Reviews
Windsurf Editor
(76 Ratings)
Windsurf is a cutting-edge IDE designed for developers to maintain focus and productivity through AI-driven assistance. At the heart of the platform is Cascade, an intelligent agent that not only fixes bugs and errors but also anticipates potential issues before they arise. With built-in features for real-time code previews, automatic linting, and seamless integrations with popular tools like GitHub and Slack, Windsurf streamlines the development process. Developers can also benefit from memory tracking, which helps Cascade recall past work, and smart suggestions that enhance code optimization. Windsurf’s unique capabilities ensure that developers can work faster and smarter, reducing onboarding time and accelerating project delivery.
Learn more
Aikido Security Reviews
Aikido Security
(71 Ratings)
Aikido is the all-in-one security platform for development teams to secure their complete stack, from code to cloud. Aikido centralizes all code and cloud security scanners in one place. Aikido offers a range of powerful scanners including static code analysis (SAST), dynamic application security testing (DAST), container image scanning, and infrastructure-as-code (IaC) scanning. Aikido integrates AI-powered auto-fixing features, reducing manual work by automatically generating pull requests to resolve vulnerabilities and security issues. It also provides customizable alerts, real-time vulnerability monitoring, and runtime protection, enabling teams to secure their applications and infrastructure seamlessly.
Learn more

Integrations

View Integrations

Reviews - 2 Verified Reviews

Total
ease
features
design
support
See More Reviews Write a Review

Company Details

Company:
SonarSource
Year Founded:
2008
Headquarters:
Switzerland
Website:
www.sonarsource.com/products/sonarqube/

Media

SonarQube Server Screenshot 1
SonarQube Server Screenshot 1 SonarQube Server Screenshot 2
Recommended Products
Passwordless Authentication and Passwordless Security Icon
Passwordless Authentication and Passwordless Security

Identity is everything. Protect it with Duo.

It’s no secret — passwords can be a real headache, both for the people who use them and the people who manage them. Over time, we’ve created hundreds of passwords, it’s easy to lose track of them and they’re easily compromised. Fortunately, passwordless authentication is becoming a feasible reality for many businesses. Duo can help you get there.
Get a Free Trial

Product Details

Platforms
Web-Based
Types of Training
Training Docs

SonarQube Server Features and Options

Application Security Software

Analytics / Reporting
Open Source Component Monitoring
Source Code Analysis
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation

Static Code Analysis Software

Analytics / Reporting
Code Standardization / Validation
Multiple Programming Language Support
Provides Recommendations
Standard Security/Industry Libraries
Vulnerability Management

Static Application Security Testing (SAST) Software

Application Security
Dashboard
Debugging
Deployment Management
IDE
Multi-Language Scanning
Real-Time Analytics
Source Code Scanning
Vulnerability Scanning

SonarQube Server Lists

SonarQube Server User Reviews

Write a Review
  • Name: Aman V.
    Job Title: Technical Lead
    Length of product use: 2+ Years
    Used How Often?: Weekly
    Role: User
    Organization Size: 20,000 or More
    Features
    Design
    Ease
    Pricing
    Support
    Likelihood to Recommend to Others
    1 2 3 4 5 6 7 8 9 10

    Industry standard code quality tool

    Date: Apr 01 2022

    Summary: SonarQube is used across the industry as the go-to solution for code review. It has an impressive interface which provides all the information - issue, the code where it occurred and the optimal solution suggestion; at one place.

    Positive: Great User Interface / Dashboard.
    Different tiers of bugs - helps identify and fix only the critical issues.
    Suggestions to fix the issue.
    Jenkins integration.
    Also available as SaaS offering.
    Also shows security defects.

    Negative: The only con i can think of is expensive license which is not optimal for personal projects (unless open source). There is a free trial though.

    Read More...
  • Name: Daniel M.
    Job Title: Security Architect
    Length of product use: Less than 6 months
    Used How Often?: Daily
    Role: User
    Organization Size: 500 - 999
    Features
    Design
    Ease
    Pricing
    Support
    Likelihood to Recommend to Others
    1 2 3 4 5 6 7 8 9 10

    Excellent Product

    Date: Apr 01 2019

    Summary: I integrated SonarQube into my SDLC and it reliably detects and blocks security issues

    Positive: - Accurate results and no bullshit findings
    - Very fast analysis
    - Handy configuration features for analysis customization
    - Nice interface
    - Plenty integration options

    Negative: - It has its price but its worth every penny. Similar vendors are more expensive with significantly less value.

    Read More...
  • Previous
  • You're on page 1
  • Next