Easy integration into SonarQube

Simplify security

Add a security gate to the leading product for continuous code quality inspection with our SonarQube plugin. While SonarPHP fingerprints a few basic issues, our plugin integrates RIPS's sophisticated data flow analysis to catch real and critical security vulnerabilities.

Keep pace with your security state

Automate Security Testing

By using this plugin, you can automatically trigger new security analyses of your applications with your self-hosted RIPS instance or via your RIPS SaaS account. All findings can then be examined directly in SonarQube. Further, you can configure a project-based security risk that results in a quality gate failure whenever a custom threshold of vulnerabilities is detected.

Block Critical Vulnerabilities

Combining SonarQube with the efficient security analysis of RIPS enables the measurement of the overall quality and security of your applications in a single place. Our plugin includes over 100 security-related analysis rules extracted from our current analysis engine, providing the most complete and accurate static analysis solution available for PHP and Java.

Deploy Secure Applications

The RIPS plugin enables you to integrate our award-winning security analysis solution directly into SonarQube. It allows you to continuously scan existing SonarQube projects for security threats and quality issues so that the deployment of insecure applications can be prevented.