Security is a key software quality requirement. Combining security insights from tools like SonarQube with performance, functional, and resiliency observability data in Dynatrace allows security teams to get a comprehensive overview of the state of security in your software development process.
To learn more about the new SonarQube Extension, Andi Grabner (@andreas_grabner) invited Johannes Oezkan-Preisinger (@barblin), Product Security Engineer at Dynatrace, who built this integration initially for internal use before the Dynatrace Extension team brought it to the Hub.
Johannes walks us through the metrics, logs, scan events, and SDLC events that the extension ingests. He shows us how to use the ready-made dashboards and how to build customized dashboards on this data. He reveals some tips and tricks on how this data can be used by security and quality teams and explains how to easily configure ingesting data from one or many SonarQube instances.
---------------------------
๐ Chapters ๐
00:00 - Introduction
00:55 - Why integrate SonarQube and Dynatrace
02:01 - Customized SonarQube Dashboards
04:37 - Vulnerability findings dashboard
05:12 - Security product coverage dashboard
05:44 - How to configure the SonarQube Extension
09:17 - Wrap Up
-----------------------------
๐ Additional Links
View the SonarQube Extension on the Hub
Visit the Dynatrace Playground
Try out Dynatrace with a free trial
-----------------------------
Subscribe to our YT channel
Stay up-to-date with Dynatrace! Follow us on Facebook, Instagram, LinkedIn, Twitter, Twitch
