I work in a large enterprise Healthcare Company.
We are thinking of buying SonarQube licensing (Developer edition) and need to understand some details of it. Is there anyone I can talk to?
SonarQube is an open source tool. The use of the developer edition leads me to think you mean SonarSource Developer edition. With SonarSource you will still need to run your own servers to host the tool. But the SonarSource option unlocks the enterprise options with the tool. For example handling branch analysis, more languages, etc.
You could contact sonarsource directly, https://www.sonarsource.com/company/contact/, and I am sure they will be happy to help you with what you need etc.
There is also the community forum where you can find a lot of information there too: https://community.sonarsource.com/
Then there is sonarcloud too, which is basically a SaaS offering of the developer edition but you have very limited control over plugins and setup of the server itself.
It really all depends on what your needs are.
Hi, we still use the community edition and not yet matured to the point where developer edition makes sense to pay for. What paid features were you needing to use? Do you make use of community edition currently? Let me know if you have questions, will answer what i can.
@Steven Gomez @Phil Denomme @Jeff Ingalls @Donovan Greeff @Kiran Gujju @Daniel Hall @Anshuman Kishore @Jeff Ingalls You've written reviews of Sonarqube. Can you help out Ashok? He is thinking of buying SonarQube licensing (Developer edition) and needs to understand some details of it. He works for a large enterprise in the healthcare space. cc @Menachem D Pritzker @Rony_Sklar
I'm currently researching the following two application security tools: Coverity and SonarQube.
Can anyone point me out to main differences between these 2 products?
Thanks for your help!
Many companies wonder about whether SAST or DAST is better for application security testing. What are the relative benefits of each methodology? Is it possible to make use of both?