Sonarqube Community Edition OWASP Top 10

Is Sonarqube Community Edition contains all rules of OWASP Top 10 ? If it doesn’t , which rules of Owasp can we analyse ? My company ask for it but i couldn’t find enough information , i need urgent answer.


Hello !
you can see all rules on all languages here:
To see the OWASP and SANS based rules take a look at the Tags dropdown for each language.
And you’ll see where the rules are available (Community Edition / Developer Edition or above) at the bottom of each rule.
Most of our SAST rules are available starting in the Developer Edition fyi.


1 Like

Additional to what Carine said, I can also recommend the following page for a more high-level overview of OWASP Top 10 coverage: SonarQube covers the OWASP Top 10 | SonarQube

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.