OWASP API Security Top 10

SonarQube Server / Community Build Product Manager for a Day
1

Hello

Does SonarQube covers the security risks listed in “OWASP API Security Top 10”?
The SonarQube Security Reports include OWASP Top 10, but as we are developing and maintaining a lot of APIs, the API security is particularly important to us.

If not, is there a possibility to add those rules on our side or, eventually, on the Sonar side?

2

Hi,

Welcome to the community!

This is not one that has been top of mind for us. You may find some rules that relate to this, but I can’t tell you we offer coverage of this.

 
Ann