Sonarqube Community Edition OWASP Top 10

Does Sonarqube Community Edition contain all rules of the OWASP Top 10? If it doesn’t, which OWASP rules can we analyse? My company asks for it but I couldn’t find enough information; I need an urgent answer.

Thanks

Hello!
You can see all rules for all languages here: https://rules.sonarsource.com/
To see the OWASP and SANS based rules take a look at the Tags dropdown for each language.
And you’ll see where the rules are available (Community Edition / Developer Edition or above) at the bottom of each rule.
Most of our SAST rules are available starting in the Developer Edition, FYI.

Carine


In addition to what Carine said, I can also recommend the following page for a more high-level overview of OWASP Top 10 coverage: SonarQube covers the OWASP Top 10 | SonarQube

