Top Rated
About TrustRadius Scoring
Score 8.1 out of 100
Top Rated


Recent Reviews

Code Quality Improvements Made Easy

November 04, 2021
We use SonarQube to check and ensure Java code quality as part of our development process. With built in suggestions for coding …
Read full review

SonarQube wins!

October 14, 2021
Used across the organization for static code analysis.
Read full review

Quality archway for projects

May 03, 2021
We are using it currently while building a .NET CI\CD pipeline for an automated analysis of our code quality and all the vulnerabilities …

Code scanning for developers

April 30, 2021
Our organization has a dedicated static security scanning tools we run against our code to check for vulnerabilities. While the security …
Read full review

Great tool to keep your code clean

April 30, 2021
We use SonarQube to scan our code for vulnerabilities and code "smells." SonarQube is wired into our continuous integration software …
Read full review

Sonarqube is a worth static analysis tool

June 29, 2019
Excellent static analysis tool for identifying potential issues with your code. Sonarqube is easily integrated with your CI/CD workflow, …
Read full review

Reviewer Sentiment

Positive ()
Negative ()
Learn how we calculate reviewer sentiment


TrustRadius Award Top Rated 2022

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of SonarQube, and make your voice heard!


View all pricing



On Premise

Developer EDITION

Starts at $150

On Premise
100,000 Lines of Code

Enterprise EDITION

Starts at $20,000

On Premise
1 Million Lines of Code

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit…


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

No scorecards have been submitted for this product yet..

Product Details

What is SonarQube?

SonarQube is a tool for continuously inspecting Code Quality and Code Security, and guiding development teams during code reviews. SonarQube provides remediation guidance for 27 languages so developers can understand and fix issues, and so teams can deliver better and safer software. SonarQube integrates into the user's workflow to provide the right feedback at the right time: in-IDE with SonarLint, in pull requests, and in SonarQube itself. Boasting over 225,000 deployments helping small development teams and global organizations, SonarQube provides a means for teams and companies around the world to own and impact their Code Quality and Code Security.

SonarQube Features

  • Supported: Code Quality and Code Security
  • Supported: Developer workflow integration
  • Supported: Deep support for the Clean as You Code methodology

SonarQube Integrations

  • GitLab
  • Bitbucket
  • ALM Integration available for GitHub
  • Azure DevOps - self-managed & in-cloud
  • CI integrations with: Jenkins
  • GitHub Actions
  • GitLab CI
  • Bitbucket Pipelines
  • Azure DevOps Pipelines
  • SCM integrations with: Git
  • Subversion
  • Authentication integrations with: GitHub
  • LDAP
  • SAML
  • HTTP headers

SonarQube Competitors

SonarQube Technical Details

Deployment TypesOn-premise, SaaS
Operating SystemsWindows, Linux, Mac, Cloud
Mobile ApplicationNo
Supported CountriesGlobal
Supported LanguagesCommunity localization plugins support several languages.


View all alternatives

Frequently Asked Questions

What is SonarQube?

SonarQube (formerly Sonar) is an open source application security solution.

What are SonarQube's top competitors?

Veracode, Checkmarx, and Snyk are common alternatives for SonarQube.

Who uses SonarQube?

The most common users of SonarQube are Enterprises (1,001+ employees) from the Information Technology & Services industry.

Reviews and Ratings




(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
Review Source
We we easily able to integrate the SonarQube steps into our TFS process via the Microsoft Marektplace, we didn't have the need to call SonarQube support. We've used their online documentation and community forum if we ran into any issues.