Sonar has expanded its SonarCloud offering with two new plans, SonarCloud Enterprise and SonarCloud Team, to empower development teams to deliver Clean Code confidently.
SonarCloud is the company’s fully managed SaaS solution for improving the quality and security of human-developed and AI-assisted code at scale. It is used by thousands of organizations to analyze proprietary and open-source projects.
“Our ROI in SonarCloud kicked in from the first month. We were able to understand the quality of our code better and start rolling out suitable adjustments for the engineering team,” said Furkan Yavuz, QA lead for Recognyte, an AI-driven real estate intelligence company.
Sonar explained that an unclean code can cause business outages, security risks, and poor application performance. Sonar’s Clean Code solutions help developers catch bugs, quality concerns, and security flaws early in the development process as code is being created. This allows them to find and resolve issues before they can make it to production, improving developer productivity, software quality, and business performance.
As organizations increasingly adopt AI assistants to write code and develop software, having scalable, flexible solutions with high availability and built-in security has become imperative for businesses. The new SonarCloud plans to ensure developer teams can leverage SonarCloud as their needs grow, continuously reducing exposure to risk at all levels and sustaining the performance of their software, increasing business through systematic development and delivery.
“The adoption of AI coding assistants and the push for faster software development has increased code volume and raised reliability concerns. However, most code scanning tools are just adding to the growing list of issues that are potential threats to business, most of which are false positives. Developers need to be empowered to find issues early and be motivated to fix them with the tools they love and have confidence in. Development teams who use SonarCloud can pinpoint and remediate as early in the development process as possible,” said Fabrice Bellingard, VP of Product at Sonar.
Enterprise features
SonarCloud Enterprise offers organization-wide portfolio management, new authentication and security features, executive reporting functionality, simplified administration, enterprise service-level agreements, and dedicated commercial support for all customers. Additionally, SonarCloud Enterprise is available on AWS Marketplace, ensuring simplified procurement and onboarding.
Managing multiple organizations in a DevOps environment can be difficult, causing a lack of visibility into the overall security of the company’s software and the needed actions to improve it on various levels. Specific features include: Enterprise hierarchy, portfolio creation, organization-wide configurable settings, project PDF reporting for technology leads and managers, and security standard reports for IT security teams.
Authentication and security
Organizations tend to use a combination of different tools in their DevOps toolkit to ensure code quality and security, on top of multiple linters to support the complexity of leveraging various languages.
Managing organization and group membership to various solutions and ensuring they are synchronized can be a sizable administrative effort, and lead to security risks. Features that support this and ongoing security assurance include: Single Sign-On (SSO), synchronized access management, and more scalable token management.
At onboarding, default settings can be prepared and applied to all projects with organization-wide configuration. This relieves the tedious and slow task that large enterprises face of configuring many projects, project by project. Automated project creation at scale also supports ease in standing up SonarCloud. It enables the auto-creation of projects in SonarCloud that were initially built in an enterprise DevOps platform. Additionally, enterprise billing can be done as a single entity while applied to multiple organizations.
Comments