CodeSonar – GitLab Integration


CodeSonar integrates directly into the GitLab CI pipeline to detect zero-day vulnerabilities. CodeSonar scan results are available in GitLab Merge Requests and in the GitLab Security Dashboard, and can be assigned as a GitLab Issue. With CodeSonar, product development teams looking to shift left without disruption to their SDLC now have a seamless GitLab CI/CD integration.

Capabilities & Benefits
  • With each merge request, CodeSonar will automatically analyze your code and return any vulnerabilities found via the GitLab SAST interface.
  • A summary of detected vulnerabilities can be viewed directly in the GitLab Merge Request, so you can quickly see new security issues that are detected in your project.
  • The CodeSonar warning message can easily be viewed directly in GitLab, and detailed warning reports with annotated source code are just a mouse click away – no copying and pasting or searching for line numbers.
  • Developers can work with detected vulnerabilities right in the GitLab UI – review a warning, create a GitLab issue, and assign it to a developer without ever leaving GitLab.

Learn how to be MISRA compliant while using GitLab with this short video.

Learn More

CodeSonar SAST.

GitLab UI.

To download the latest integration kit, please use this link, which will require you to log in to the support portal.

Book a Demo

We’re ready to help you integrate SAST and SCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 
