SonarSource provides a static code analyzer for Apex. Based on our own Apex analyzer, it can find bugs, security vulnerabilities and code smells. As for any product we develop at SonarSource, it was built on the following principles: depth, accuracy and speed.
SonarApex has a great coverage of well-established quality standards. The SonarApex capability is available throughout the development chain for automated code review with self-hosted SonarQube or on-line SonarCloud.
SonarApex supports all the standard metrics implemented by SonarQube including Cognitive Complexity.