Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Get started for free

Bug
Security Vulnerability
Security Hotspot
Code Smell

Language versions

through Java 16

Web frameworks

Struts, Spring, JSP, Thymeleaf

Test frameworks

JUnit 4/5, AssertJ, Mockito, Spring Test, TestNG

ORMs

Hibernate, Spring JDBC Template, JDO, Rapidoid, iBATIS, Torque, VertX SQL

Build integrations

Maven, Gradle, Ant

Java coverage of OWASP TOP 10 2017

		Security Vulnerability	Security Hotspot
A1	Injection
A2	Broken Authentication
A3	Sensitive Data Exposure
A4	XML External Entities (XXE)
A5	Broken Access control
A6	Security misconfigurations
A7	Cross Site Scripting (XSS)
A8	Insecure Deserialization
A9	Using Components with known vulnerabilities
A10	Insufficient logging and monitoring

Get started analyzing
your Java projects
today!

Get started for free

Code Quality

Code Security

Benefits SonarQube empowers all developers to write cleaner and safer code.

Integrations Analysis results right where your code lives

Code Quality

Code Security

Benefits SonarQube empowers all developers to write cleaner and safer code.

Integrations Analysis results right where your code lives

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Java coverage of OWASP TOP 10 2017

Get started analyzing
your Java projects
today!

Other languages

Get Started

Features

Get Involved

About SonarQube

.cls-1{fill:#4c9bd6;}.cls-2{fill:#174f7b;}bug Code Quality

Code Security

Benefits SonarQube empowers all developers to write cleaner and safer code.

Integrations Analysis results right where your code lives

.cls-1{fill:#4c9bd6;}.cls-2{fill:#174f7b;}bug Code Quality

Code Security

Benefits SonarQube empowers all developers to write cleaner and safer code.

Integrations Analysis results right where your code lives

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Java coverage of OWASP TOP 10 2017

Get started analyzing your Java projects today!

Other languages

Get Started

Features

Get Involved

About SonarQube

Code Quality

Code Quality

Get started analyzing
your Java projects
today!