Advanced Security
Developer-first security for your first-party, AI-generated, and open source code, powered by advanced SAST and integrated SCA
Starts at:
$500 annually
Recommended for 100K+ Lines of Code
30 languages & frameworks
Commercial support available
Autodetect AI-generated code
AI Code Assurance
Advanced bug detection
Industry leading secrets detection
View project's code coverage metrics
Analyze branches & pull requests
1 integration per DevOps platform
Recommended
Annual price:
Talk to sales
All features in Developer Edition plus:
Recommended for 1M+ Lines of Code
36 total languages & frameworks
Commercial support available
24/7 white glove support available
AI CodeFix
Detailed project health insights
Comprehensive security reporting
Reports for audits & regulations
Unified portfolio management
Improved performance for large teams
Includes an extra license for staging
Manage projects in a monorepo
Unlimited DevOps integrations
Annual price:
Talk to sales
All features in Enterprise Edition plus:
Recommended for 20M+ Lines of Code
36 total languages & frameworks
Standard commercial support included
24/7 white glove support available
Autoscaling based on demand
High performance for distributed teams
Component redundancy
High availability for service integrity
Data resiliency for business continuity
Highly performant under extreme loads
Unlimited DevOps integrations
TRUSTED BY OVER 7M DEVELOPERS AND 400K ORGANIZATIONS
Feature | Developer | Enterprise | Data Center |
---|---|---|---|
Languages and frameworks | 30 | 36 | 36 |
Recommended for 100K Lines of Code or above | |||
Recommended for 1M Lines of Code or above | |||
Recommended for 20M Lines of Code or above | |||
1 integration per DevOps platform | |||
Autodetect when projects potentially contain AI-generated code | |||
AI Code Assurance | |||
Run in a FIPS-enforced environment | |||
Integrate seamlessly into your CI/CD workflow | |||
Discover issues in code that cause bugs, hotspots, and security vulnerabilities | |||
Track and resolve technical debt | |||
Monitor code quality metrics and history of activity | |||
Industry leading secrets detection | |||
Combine third-party tool results with SARIF reports | |||
AutoConfig for C and C++ projects | |||
Taint analysis with cross-function and cross-file tracking | |||
Find advanced dataflow bugs | |||
Show percentage of test case coverage for improved code quality | |||
Automatically analyze feature and maintenance branches and pull requests | |||
Autoprovision users and groups from GitHub and GitLab | |||
Automatically sync permissions with GitHub and GitLab | |||
Display security vulnerabilities in GitHub and GitLab | |||
Collect multiple projects together as an application for a single view | |||
Display quality gate pass/fail status in DevOps pull request comments | |||
Standard commercial support available | |||
Integrate with unlimited numbers of DevOps platforms | |||
AI CodeFix | |||
Custom configure the security engine for more powerful taint analysis | |||
Create custom rules to detect private secret patterns | |||
Aggregate projects and applications into a portfolio | |||
Project, application, and executive portfolio reports | |||
Security reports for common security standards | |||
Regulatory reports and audit logs | |||
Consolidate projects into a central instance | |||
Analyze with parallel processing to improve performance for large teams | |||
Pull request decoration and guided setup for monorepos | |||
Configure testing and staging environments with additional licenses | |||
Automatically provision users and groups through SCIM with Okta and Azure AD | |||
Set rule priority to uphold your coding standards | |||
24/7 premium commercial support available | |||
Component redundancy | |||
Data resiliency | |||
Horizontal scalability | |||
High performance under extreme load | |||
Autoscale in a Kubernetes cluster |
Developer Edition, Enterprise Edition, and Data Center Edition are priced per instance per year and based on your lines of code (LOC). An instance is an installation of SonarQube Server. You pay per instance for a maximum number of LOC to be analyzed.
Get in touch with sales for pricing specific to your needs.