SonarQube Cloud, formerly SonarCloud and still often referred to by that name, brings SonarQube's code quality and security analysis to a managed SaaS service for CI/CD workflows. It scans pull requests for bugs, vulnerabilities, security hotspots, code smells, architecture issues, duplication, and coverage regressions without requiring teams to operate their own SonarQube Server instance.
Quality Gates define pass/fail criteria for reliability, maintainability, security, test coverage, and duplication. PR decoration shows new issues directly inside GitHub, GitLab, Bitbucket, and Azure DevOps workflows, while the Sonar dashboard tracks technical debt and code-health trends over time.
Current Sonar pricing lists the SonarQube Team plan from $32 monthly for teams under 50 developers, with 30+ languages, secrets detection, AI-driven code fixes, pull-request analysis, and commercial support availability. Enterprise uses custom annual pricing and adds advanced security reports, audit logs, SSO/SCIM, CMK/BYOK, portfolios, custom dashboards, premium support, and 40+ language coverage including ABAP, COBOL, and Apex.
The free path remains useful for trials and public-project usage, including a private-project free tier up to 50K LoC according to Sonar's pricing FAQ. Teams with strict data-residency, air-gap, or plugin-control requirements should compare SonarQube Server before defaulting to the hosted cloud service.
