How can we do the Security analysis using SonarQube?
For Security analysis purposes, a source code security analyzer
– examines source code to
– detect and report weaknesses that can lead to security vulnerabilities.
They are one of the last lines of defense to eliminate software vulnerabilities during development or after deployment. A Source Code Security Analysis Tool Functional Specification is available.
The SonarQube Quality Model has three different types of rules: Reliability (bug), Vulnerability (security), and Maintainability (code smell) rules. But divided another way, there are only two types: security rules, and all the rest.
To be clear, the standard for most rules implemented in SonarQube language plugins is very strict: no false positives. For normal rules, you should be able to be confident that whatever is reported to you as an issue really is an issue.
The vast majority of security-related rules originate from established standards: CWE, SANS Top 25, and OWASP Top 10. To find rules that relate to any of these standards, you can search rules either by tag or by text.
CWE – Common Weakness Enumeration (CWE™) is a formal list or dictionary of common software weaknesses that can occur in software’s architecture, design, code or implementation that can lead to exploitable security vulnerabilities.
SANS Top 25 – The SANS Top 25 list is a collection of the 25-most dangerous errors listed in the CWE, as compiled by the SANS organization.
OWASP Top 10 – OWASP stands for Open Web Application Security Project.The OWASP Top 10 is a list of broad categories of weaknesses, each of which can map to many individual rules.
XANITIZER – XANITIZER provides an integration with the code quality management platform SonarQube. It transfers all security relevant XANITIZER findings to SonarQube. It is possible to display this data in the SonarQube dashboard and the corresponding drilldown pages and time machines.
Reference