Sonar static code analysis

SonarQube Cloud or SonarQube Server

SonarQube Server (self-managed) and SonarQube Cloud (hosted) offer static code analysis with hundreds of unique rules to find bugs, vulnerabilities, and more in your code.

Download SonarQube ServerPruebe SonarQube Cloud gratisPruebe SonarQube Cloud gratis icon
Sonar

SonarQube Cloud and SonarQube Server

SonarQube Cloud and SonarQube Server are valuable tools to help you write clean, quality code in your projects. Both products rely on the same underlying static analysis engine to find bugs, vulnerabilities, and code smells and generate valuable code quality metrics. So, which product is best for you and your team to write Code Quality?

Clean code is being added to a project

Are your team, code, and workflow fully cloud-based?

If you’re looking for a hosted static analysis option, then SonarQube Cloud is a great choice. As a hosted offering, users do not have to worry about installation or maintenance. At a high level, SonarQube Cloud offers: 

  • Automatic, zero-configuration, analysis with GitHub for many popular languages, and immediate access to new features and functionality
  • Authentication integration with GitHub, Azure DevOps, Bitbucket and GitLab
  • Free open-source analysis for public projects or usage-based pricing model for private projects
Pruebe SonarQube Cloud gratisPruebe SonarQube Cloud gratis icon
Main Branch Evolution on SonarCloud

Looking for a self-managed solution?

If you’re looking for a self-managed static code analysis option, then open-source based SonarQube Server is a great choice. SonarQube Server Developer Edition and Enterprise Edition also include additional enterprise features that may be valuable to your organization’s specific use case(s). At a high level, SonarQube Server offers: 

  • Run your instance your way, as a virtual machine, on Docker, or with Kubernetes with vertical and horizontal scaling support
  • Easy project onboarding with integration to GitHub, GitLab, Azure and Bitbucket; in-cloud and on-premises
  • Commerical features include executive-level reporting capabilities, security reports including coverage for OWASP Top 10 and CWE Top 25 and more, portfolios support, multiple DevOps platform support and more
  • Advanced security analysis with deeper SAST
Descargue SonarQube Server ahora
SonarQube Quality Gate Passed

How are SonarQube Server and SonarQube Cloud similar?

  • Open-source analysis is always free with SonarQube Community Build and SonarQube Cloud, and a no-commitment, 14-day free trial offering covering 30+ languages and frameworks
  • Both are based on the same underlying static analysis engine to catch bugs, vulnerabilities, and code smells - generating valuable code quality metrics
  • IDE Support with SonarQube for IDE integration and integration with CI/CD workflow in most DevOps platforms
  • Efficient and fast SAST analysis and more!
Setting up SonarQube and SonarCloud is easy
Featured Blog post

SonarQube Cloud or SonarQube Server? - Guidance on Choosing One for Your Team

Learn about the similarities and key differences between SonarQube Cloud and SonarQube Server and which one is best for your use case.

Read Blog Post
Image shows the SonarQube Cloud and SonarQube Server logos with a question mark between them, referencing the decision a potential user needs to make. Luckily, Sonar makes it easy to choose!

start your Code Quality journey now

Download SonarQube ServerTry SonarQube Cloud For Free