Hi. I’m unable to identify a list of the security check types included in the Developer & Enterprise Editions of SonarQube.
Please could someone provide a security feature comparison between SonarCloud (from the bottom of this page https://sonarcloud.io/code-security) and those offered by the Developer & Enterprise Editions of SonarQube.
Hello,
I will answer only to the “security check types” part of your question. For the differences between Developer vs Enterprise I let you check: https://www.sonarsource.com/plans-and-pricing/
The security checks (we call them “rules”) are the same between SonarCloud and SonarQube Developer Edition. Compared to SQ DE, the advantage of SonarCloud is that:
- you don’t need to manage the upgrade yourself: we take care of it
- you get the latest rules, improvements as soon as they are implemented without having to do something
Alex
Thanks @Alexandre_Gigleux. I’m currently trying to decide between SQ DE & EE. Are you able to provide a list of supported security rules in those two versions please? The web page is quite vague.
Found the resource.
https://rules.sonarsource.com/
There is no difference between SQ DE and EE in number of security rules. The best if you are already in the evaluation process would be to email your Sales Representative and he/she will be able to answer all the questions you may have and select the best Edition with you.