Sonar
Code quality and security analysis tool helping developers identify and fix vulnerabilities throughout the development lifecycle.
Product categories
- Static application security testing (SAST)
- Analyzes source code for vulnerabilities before deployment, scanning applications in a non-running state to detect flaws early in cloud development pipelines.
- Software composition analysis (SCA)
- Scans third-party libraries and open-source components for vulnerabilities, ensuring compliance with security standards in cloud-based software dependencies.
- Interactive application security testing (IAST)
- Combines static and dynamic testing approaches to identify vulnerabilities in running applications, providing real-time security analysis in cloud environments.
Supported cloud providers
