SonarSource started with a vision to democratize access to code quality management.
Today, it provides a world-class solution to manage Code Quality and Code Security and has a global footprint serving 12,000+ customers.
Freddy Mallet realizes that code quality management starts to become a critical activity in software development, and that no product on the market provides the ability to perform automated code review in an effective and integrated manner.
Simon Brandhof starts developing the Sonar platform by integrating best-of-breed open source tools for Java.
The two of them are joined in September 2007 by Olivier Gaudin, who was enthused by the Sonar platform’s vision and starts contributing to it.
All three of them decide to combine their expertise and passion to found SonarSource company and take Sonar to the enterprise market.
SonarSource is founded in November 2008 to accelerate development and adoption of the open source Sonar platform. Initial effort is put on making the platform enterprise-ready, adding ground-breaking features such as an API to develop plugin, a built-in access rights mechanism, custom dashboards, hotspots, time machine. . .
SonarSource starts to develop its commercial offering on top of open source Sonar platform.
SonarSource releases its first commercial plugin, Views for projects portfolio management. This will be quickly followed by the release of more commercial plugins such as COBOL, VB6, SQALE… At the same time, the Sonar platform was honored at the Open World Forum 2009 for being one of the most original projects in terms of innovation, quality of execution and potential for value creation.
SonarSource sees both community enterprise acceptance of the Sonar platform, which is now downloaded more than 2,000 times a month.
The company grows in size and, thanks to the success of both the Sonar platform and its commercial offerings, is able to raise the pace of research and development. The results are seen in the release of the C# plugin (June 2011) and the PL/SQL plugin (September 2011).
SonarSource adds commercial editions to its offering, going for enterprise market and the platform is renamed SonarQube.
Based on customer feedback, SonarSource decides to introduce Editions into its commercial offering to respond to the needs of larger companies. At the same time, the platform gets renamed to SonarQube to develop the brand and make sure it can be protected across the world.
SonarSource decides to expand the scope of its analyzers, to cover maintainability, reliability and security.
After expanding the number of languages covered to more than two dozen, SonarSource decides to also increase the scope vertically by covering maintainability, reliability and security. The approach taken was to implement existing well-known standards for these domains.
SonarSource receives $45 Million USD minority investment from Insight Venture Partners.
SonarSource has grown significantly since inception and they will use the new capital to further accelerate growth and continue to pursue its vision of enabling developers to continuously release highly maintainable, reliable, and secure code. Richard Wells, Managing Director and Matt Gatto, Vice President at Insight will be joining the company’s Board of Directors.
SonarSource launches its SaaS: SonarCloud
In response to market needs and user demands, SonarSource launched SonarCloud to provide static code analysis as a service. Totally free for open-source projects (paid plan for private projects), SonarCloud pairs with existing cloud-based CI/CD workflows (e.g. GitHub Actions and BitBucket Pipes) to provide Code Quality and Security feedback directly within Pull Requests.
SonarSource enters the SAST market
SonarSource launches its Static Application Security Testing (SAST), releasing additional rules (e.g. taint analysis rules to detect injection flaws) and a new User Experience in its existing products. With its SAST offering, SonarSource intends to disrupt the market by empowering development teams to impact the security of their codebase, thanks to clear feedback and guidance provided directly during the code review process.
SonarSource acquires RIPS Technologies
RIPS Technologies is a German startup known for its leading code security analyzers. With this acquisition, teams are joining forces in building best-in-class Static Application Security Testing (SAST) products that help development teams and organizations deliver more secure software. An exciting milestone in SonarSource’s journey disrupt and lead the Code Security market with developer-first SAST products.
Today, it provides a world-class solution to manage Code Quality and Code Security, with a global footprint serving 12,000+ customers.
SonarSource’s products are used by more than 270’000+ organizations around the globe which make our solutions the de facto standard solutions on the market. Companies of all size rely on SonarSource’s editions and products to manage their technical debt and risk, and ultimately deliver better software.