Easy integration into SonarQube
Add a security gate to the leading product for continuous code quality inspection with our SonarQube plugin. While SonarPHP fingerprints for a few basic issues, our plugin allows integrating RIPS sophisticated data flow analysis to catch real and critical security vulnerabilities.
Keep pace with your security state
Automate Security Testing
By using this plugin you can automatically trigger new security analyses of your applications with your self-hosted RIPS instance or via your RIPS SaaS account. All findings can then be examined directly in SonarQube. Further, you can configure a project-based security risk that results in a quality gate fail whenever a custom threshold of vulnerabilities is detected.
Block Critical Vulnerabilities
Combining SonarQube with the efficient security analysis of RIPS enables the measurement of the overall quality and security of your applications in a single place. Our plugin includes over 100 security-related analysis rules extracted from our current analysis engine, providing the most complete and accurate static analysis solution available for PHP and Java.
Deploy Secure Applications
The RIPS plugin enables you to integrate our award-winning security analysis solution directly into SonarQube. It allows to continuously scan existing SonarQube projects for security threats and for quality issues so that the deployment of insecure applications can be prevented.