Sonar is pleased to announce that SonarQube Advanced Security is now Generally Available! This new offering (beta previously announced in March) significantly extends SonarQube’s capabilities, providing a unified solution to find and fix quality and security issues across all your code – first-party, AI-generated, and third-party open source dependencies.
This milestone also represents the first major integration of our Tidelift acquisition, significantly bolstering our open source security capabilities.Key additions include comprehensive Software Composition Analysis (SCA) to manage open-source risks and advanced SAST that traces data flow into and out of libraries to uncover deeper vulnerabilities. This enables development teams to address security as an integral part of their workflow.
SonarQube Advanced Security is available now as an add-on for SonarQube Server Enterprise Edition 2025.3, with SonarQube Cloud Enterprise support following shortly. To learn more, visit our website or read the blog.