Press Release

Sonar Achieves ISO27001:2022 Certification

Achievement further recognizes the strength of Sonar’s commitment to maintaining the highest standards of internal compliance, security, and information management

AUSTIN – February 27, 2024 – Sonar, the leading Clean Code solution provider, today announced its information security management system (ISMS) is certified to the latest version of the ISO27001 standard: ISO27001:2022. The certification, from the International Organization for Standardization (ISO), mandates numerous controls for the establishment, operation, monitoring, maintenance, and continual improvement of an ISMS. Achieving the certification validates Sonar’s deep-rooted methodologies for business, people, and IT processes, and its ability to identify, manage, and reduce risk to sensitive and proprietary data.

“Receiving this certification demonstrates our robust and mature approach to internal security management, as we work toward upholding the highest security standards. This certification is a reflection of the confidence our customers have in our ability to meet complex compliance requirements,” said Andrea Malagodi, CIO of Sonar. “Our internal security team and the entire company are committed to the ongoing advancement of our ISMS, and continued vigilance around the ISO27001:2022 standard.”

An independent body made up of an extensive global network of individual experts in different areas, ISO identifies what International Standards are required by businesses, governments, and society. It develops the standards in partnership with the sectors that will put them to use, adopts them by transparent procedures based on international input, and delivers them to be implemented worldwide. The security management standard ISO27001:2022 specifically details security management best practices and comprehensive security controls. Earning the certification, which requires a third-party ISMS audit, validates Sonar’s customer-first approach and emphasizes its expertise in Information Security and Assurance as well as its strength in Risk Management.

As Sonar continues to grow as a company and innovate its Clean Code solutions (SonarQube for IDE, SonarQube Server, and SonarQube Cloud), it is committed to following best practices for ensuring internal security. Today, Sonar serves over 550,000 organizations (representing over half of the Fortune 100), and the security and integrity of its people, processes, data, and technology are and will always remain paramount.

About Sonar   

Sonar is the trust and verification layer for AI code, and the industry standard for automated code review for 17+ years. Integrating code quality and code security into a single platform, Sonar delivers deterministic, repeatable, and actionable code verification at scale, analyzing over 750 billion lines of code daily to ensure software is secure, reliable, and maintainable. Rooted in the open source community, Sonar is trusted by 7M+ developers globally, including teams at Microsoft, Adobe, Deutsche Bank, AstraZeneca, and Ford Motor Company. 

To learn more about Sonar, please visit https://www.sonarsource.com/
