CodeSonar logo

CodeSonar

by AdaCore
No reviews yet
ActiveOn-premise
Quick facts
VendorAdaCore
Year launchedN/A
StatusActive
LocationN/A
Countries servedN/A
Languages1
Integrations5+
Free tierNO
Free trialNO
Contact salesYES

About CodeSonar

CodeSonar is a Static Application Security Testing (SAST) tool for C/C++, Java, C#, Go, Python, and other languages. It performs deep, whole-program static analysis to find bugs, security vulnerabilities, and compliance violations before testing.

CodeSonar, offered by AdaCore, is a static application security testing (SAST) solution designed for high-integrity software projects in industries like aerospace, automotive, and defense. It performs deep semantic analysis on a wide range of languages, including C/C++, Java, Python, and Rust, to identify complex bugs and security vulnerabilities early in the development cycle. The tool integrates into existing CI/CD pipelines and IDEs, providing actionable feedback to developers. Key features include support for numerous coding standards (MISRA, CERT, CWE), advanced error detection through symbolic execution, and a centralized hub for reviewing analysis history. Pricing is available upon request, and support is provided directly by AdaCore's engineering team. The product is deployable on-premise, suiting air-gapped and secure environments.

Pros & Cons

Pros
  • Supports a wide range of programming languages, including C/C++, Java, and Rust.
  • Performs deep, whole-program static analysis to find complex bugs.
  • Integrates with many common IDEs, CI/CD pipelines, and compilers.
  • Enforces compliance with major coding standards like MISRA, CERT, and CWE.
  • Designed for safety-critical industries like aerospace, automotive, and defense.
Cons
  • Pricing is not publicly available and requires a quote.
  • No free trial or free tier is advertised.

Features

Key features

Multi-Language Support

Analyzes C/C++, Java, C#, Go, Python, JavaScript, TypeScript, Kotlin, and Rust.

Deep Static Analysis

Uses abstract interpretation and symbolic execution to explore all feasible execution paths and detect defects across modules.

Compliance Checks

Supports coding standards such as MISRA C/C++, CERT-C, AUTOSAR C++, and CWE.

DevOps Integration

Integrates with IDEs and CI/CD pipelines to present defects like compiler warnings within existing workflows.

Centralized Review Hub

Provides a central repository to view and manage the full history of analyses, with visualizations for warning paths and call trees.

Additional features

Advanced Error Detection

Includes control flow, data flow, taint, and memory modeling to uncover subtle errors.

Compiler Support

Compatible with a wide range of compilers including clang, GCC, GNAT Pro, Microsoft, IAR, TASKING, Green Hills, and Wind River.

Persistent Findings

Tracks defects across analyses, even if the code's location changes within a file.

Legacy Code Analysis

Assesses risk in large, legacy codebases and third-party software integrations.

Pricing

Free trial
Free version
Request a quote
Promo Offer

Countries & Languages

Countries served
1
Interface languages
Billing currencies

Interface languages

English

No reviews yet

Be the first to drop a review

Alternatives to CodeSonar

Calsoft Systems ERP Services logo

Calsoft Systems ERP Services

Calsoft ERP Solution-Based Services is a business technology and ERP consulting platform focused on Microsoft…

Tapston Custom Software Development logo

Tapston Custom Software Development

Tapston is a full-service software development company specializing in the design and delivery of custom…

Fluidity Software Development Services logo

Fluidity Software Development Services

Fluidity Software Development Services provides SaaS software development, digital transformation consulting, agile product engineering, and…

Salus Cloud logo

Salus Cloud

Salus Cloud is a cloud-based platform from Salus Cloud that provides data protection and security…

Oculus Platform SDK logo

Oculus Platform SDK

Oculus Platform SDK is a development software from Meta Platforms, Inc. designed for virtual reality…

HackenProof logo

HackenProof

HackenProof is a cybersecurity platform from HackenProof, Inc. that focuses on vulnerability management. It includes…

Spot something wrong or outdated?

Suggest a correction — a reviewer verifies every change.

Often compared with CodeSonar

Compare any two tools →
Calsoft Systems ERP Services logo
Calsoft Systems ERP Services
IT Consulting
0.0
Tapston Custom Software Development logo
Tapston Custom Software Development
IT Consulting
0.0
Fluidity Software Development Services logo
Fluidity Software Development Services
Software Development
0.0
Salus Cloud logo
Salus Cloud
DevOps
0.0