A C&C++ tour of SonarLint for VS Code |
Abbas Sabra and Geoffray Adde |
May. 03, 2022 |
534 |
- |
A Look Back at KubeCon 2022 |
Clint Cameron |
Nov. 10, 2022 |
507 |
- |
Bad code costs more than just your money |
Liz Ryan |
Oct. 13, 2022 |
182 |
- |
Beyond the Rules of Three, Five and Zero |
Phil Nash |
Oct. 26, 2022 |
1712 |
- |
Bits from Hexacon 2022 |
Thomas Chauchefoin |
Oct. 25, 2022 |
1047 |
- |
Remote Code Execution via Prototype Pollution in Blitz.js |
Paul Gerste |
Jul. 12, 2022 |
2126 |
- |
Cacti: Unauthenticated Remote Code Execution |
Stefan Schiller |
Jan. 03, 2023 |
1450 |
- |
Checkmk: Remote Code Execution by Chaining Multiple Bugs (1/3) |
Stefan Schiller |
Nov. 01, 2022 |
2513 |
- |
Checkmk: Remote Code Execution by Chaining Multiple Bugs (2/3) |
Stefan Schiller |
Nov. 08, 2022 |
2797 |
- |
Checkmk: Remote Code Execution by Chaining Multiple Bugs (3/3) |
Stefan Schiller |
Nov. 15, 2022 |
2032 |
- |
Code Security Advent Calendar 2022 |
Paul Gerste |
Nov. 29, 2022 |
632 |
- |
Common TypeScript Issues Nº 5: Optional property declarations |
Phil Nash |
Jan. 30, 2023 |
661 |
- |
What I learned from using SonarQube for the first time |
Sonar |
Dec. 01, 2022 |
1624 |
- |
Disclosing information with a side-channel in Django |
Dennis Brinkrolf |
Jul. 26, 2022 |
3247 |
- |
Doing More with Less in Uncertain Times |
Bruce Herbert |
Nov. 18, 2022 |
571 |
- |
Five SonarCloud features for developers that want Clean Code |
Thomas Olivier |
Oct. 06, 2022 |
1317 |
- |
Horde Webmail 5.2.22 - Account Takeover via Email |
Simon Scannell |
Feb. 22, 2022 |
1508 |
- |
Horde Webmail - Remote Code Execution via Email |
Simon Scannell |
May. 31, 2022 |
1278 |
- |
How to enable your development team to deliver Clean Code? |
Thomas Olivier |
Dec. 08, 2022 |
1595 |
- |
Clean Your Infrastructure Code with Sonar |
Clint Cameron |
Mar. 22, 2022 |
670 |
- |
Interview with a SonarSource Developer |
Andrew Osborne |
Sep. 15, 2022 |
1134 |
- |
Lesser spotted React mistakes: Hooked on a feeling |
Gabriel Vivas |
Oct. 20, 2022 |
1043 |
- |
Lesser spotted React mistakes: What are we even rendering? |
Gabriel Vivas |
Jan. 05, 2023 |
1547 |
- |
Lesser spotted React mistakes: Zombie methods |
Gabriel Vivas |
Nov. 28, 2022 |
1216 |
- |
Level up your team's skills as they code |
Liz Ryan |
Jan. 10, 2023 |
621 |
- |
Securing Developer Tools: OneDev Remote Code Execution |
Paul Gerste |
Sep. 20, 2022 |
2364 |
- |
OpenEMR - Remote Code Execution in your Healthcare System |
Dennis Brinkrolf |
Jan. 25, 2023 |
1695 |
- |
Our journey toward accessibility |
Sonar |
Sep. 26, 2022 |
1000 |
- |
Path Traversal Vulnerabilities in Icinga Web |
Thomas Chauchefoin |
May. 10, 2022 |
1952 |
- |
PHP Supply Chain Attack on PEAR |
Thomas Chauchefoin |
Mar. 29, 2022 |
2057 |
- |
The Power of Clean Code |
Olivier Gaudin |
Sep. 09, 2022 |
556 |
- |
RainLoop Webmail - Emails at Risk due to Code Flaw |
Simon Scannell |
Apr. 19, 2022 |
1534 |
- |
Remote Code Execution in Melis Platform |
Karim El Ouerghemmi, Thomas Chauchefoin |
Oct. 18, 2022 |
1987 |
- |
Review your security vulnerabilities in GitHub with code scanning alerts |
Thomas Olivier |
Feb. 24, 2022 |
507 |
- |
How to disable XXE processing? |
Eric Therond |
Jan. 25, 2022 |
1003 |
- |
Securing Developer Tools: A New Supply Chain Attack on PHP |
Thomas Chauchefoin |
Oct. 04, 2022 |
2623 |
- |
Securing Developer Tools: Argument Injection in Visual Studio Code |
Thomas Chauchefoin |
Aug. 23, 2022 |
1588 |
- |
Securing Developer Tools: Git Integrations |
Thomas Chauchefoin |
Mar. 15, 2022 |
2282 |
- |
Securing Developer Tools: Package Managers |
Paul Gerste |
Mar. 08, 2022 |
2762 |
- |
Security Implications of URL Parsing Differentials |
Thomas Chauchefoin |
Aug. 08, 2022 |
1849 |
- |
Sonar @ Pwn2Own Toronto 2022 |
Thomas Chauchefoin |
Dec. 12, 2022 |
782 |
- |
Sonar Streamlines the Race to Release |
Clint Cameron |
Aug. 30, 2022 |
1364 |
- |
SonarQube 9.8 is here! |
Lauren Cranford |
Dec. 21, 2022 |
121 |
- |
SonarQube 9.7 is here! |
Lauren Cranford |
Oct. 19, 2022 |
79 |
- |
Sonar’s analysis performance targets |
Alexandre Gigleux |
Jun. 07, 2022 |
966 |
- |
Develop Your Cloud Native Apps the Sustainable Way |
Clint Cameron |
Dec. 15, 2022 |
1196 |
- |
The Rules of Three, Five and Zero |
Phil Nash |
Oct. 11, 2022 |
1510 |
- |
Don't be afraid of XXE vulnerabilities: understand the beast and how to detect them |
Eric Therond |
Jan. 18, 2022 |
14 |
- |
Vulnerability Research Highlights 2021 |
Johannes Dahse |
Jan. 05, 2022 |
1179 |
- |
Vulnerability Research Highlights 2022 |
Johannes Dahse |
Jan. 11, 2023 |
1709 |
- |
Scaling Clean Code Across the Enterprise |
Bruce Herbert |
Dec. 06, 2022 |
886 |
- |
WordPress Core - Unauthenticated Blind SSRF |
Simon Scannell and Thomas Chauchefoin |
Sep. 06, 2022 |
1630 |
1 |
WordPress < 5.8.3 - Object Injection Vulnerability |
Simon Scannell |
Feb. 08, 2022 |
1979 |
- |
WordPress 5.8.2 Stored XSS Vulnerability |
Karim El Ouerghemmi |
Jan. 11, 2022 |
1762 |
- |
You’re 3 minutes away from clean Java pull requests! |
Thomas Olivier |
Sep. 01, 2022 |
670 |
- |
Zabbix - A Case Study of Unsafe Session Storage |
Thomas Chauchefoin |
Feb. 16, 2022 |
2351 |
- |
Zimbra Email - Stealing Clear-Text Credentials via Memcache injection |
Simon Scannell |
Jun. 14, 2022 |
2727 |
- |
Unrar Path Traversal Vulnerability affects Zimbra Mail |
Simon Scannell |
Jun. 28, 2022 |
2122 |
- |
5 things to consider in performance comparisons |
G. Ann Campbell |
Mar. 01, 2022 |
929 |
- |
Increase developer velocity today with Clean as You Code |
Liz Ryan |
Feb. 16, 2023 |
845 |
- |
We are Sonar! |
Marisa Davis |
Feb. 14, 2023 |
736 |
- |
Common TypeScript Issues Nº 4: Don't create and drop objects immediately |
Phil Nash |
Feb. 07, 2023 |
674 |
- |
Common TypeScript Issues Nº 3: unused local variables and functions |
Phil Nash |
Feb. 20, 2023 |
896 |
- |
Clean Code: The Best Approach to Writing Secure Cloud Native Apps |
Clint Cameron |
Feb. 21, 2023 |
310 |
- |
Empowering weak primitives: file truncation to code execution with Git |
Thomas Chauchefoin |
Feb. 27, 2023 |
1042 |
- |
Common TypeScript Issues Nº 2: non-empty statements |
Phil Nash |
Mar. 01, 2023 |
926 |
- |
SonarQube LTS Upgrade Checklist |
Brian Cipollone |
Mar. 06, 2023 |
912 |
- |
Celebrating International Women's Day with the women of Sonar |
Liz Ryan |
Mar. 08, 2023 |
2577 |
- |
Common TypeScript Issues Nº 1: assignments within sub-expressions |
Phil Nash |
Mar. 08, 2023 |
895 |
- |
9 more reasons to upgrade to SonarQube 9.9 LTS |
Colin Mueller |
Mar. 13, 2023 |
1021 |
- |
Cloud native features in SonarQube 9.9 LTS |
Clint Cameron |
Mar. 16, 2023 |
488 |
- |
The top 5 common TypeScript issues found by SonarLint |
Phil Nash |
Mar. 20, 2023 |
615 |
- |
Your Guide to Clean Code in Cloud Native Apps |
Clint Cameron |
Mar. 23, 2023 |
306 |
- |
Sonar is the Clean Code solution for your DevOps workflow |
Liz Ryan |
Mar. 28, 2023 |
1055 |
- |
It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS |
Stefan Schiller |
Mar. 29, 2023 |
1704 |
- |
Announcing SonarQube 10.0 |
Kirti Joshi |
Apr. 04, 2023 |
257 |
- |
How bad code destroys developer velocity |
Liz Ryan |
Apr. 05, 2023 |
176 |
- |
Another 9 reasons to upgrade to SonarQube 9.9 LTS |
Colin Mueller |
Apr. 05, 2023 |
1074 |
- |
Pretalx Vulnerabilities: How to get accepted at every conference |
Stefan Schiller |
Apr. 12, 2023 |
1786 |
- |
Sonar ❤️ Compiler Explorer: Write clean C++ code inside your browser |
Fred Tingaud |
Apr. 16, 2023 |
1312 |
- |
Interview with Sonar Python Developers Part 1 |
Andrew Osborne |
Apr. 17, 2023 |
1439 |
- |
Odoo: Get your Content Type right, or else! |
Dennis Brinkrolf, Thomas Chauchefoin |
Apr. 24, 2023 |
1849 |
- |
Interview with Sonar Python Developers Part 2 |
Andrew Osborne |
Apr. 25, 2023 |
1044 |
- |
Reflections from DevNexus, the largest Java conference in the U.S.A. |
Jonathan Vila Lopez |
Apr. 30, 2023 |
670 |
- |
Weird Python: 5 Unexpected Behaviors in the Python Interpreter |
Quazi Nafiul Islam |
May. 01, 2023 |
988 |
- |
Why SonarQube 9.9 LTS is a must-have for Python developers |
Colin Mueller |
May. 04, 2023 |
1546 |
- |
CNCF Silver membership |
Jonathan Vila |
May. 04, 2023 |
183 |
- |
ES2023 introduces new array copying methods to JavaScript |
Phil Nash |
May. 10, 2023 |
1332 |
1 |
Is Clean Code the solution to Jupyter notebook code quality? |
Andrew Osborne |
May. 10, 2023 |
1481 |
- |
SonarCloud or SonarQube? - Guidance on Choosing One for Your Team |
Clint Cameron |
May. 15, 2023 |
1233 |
- |
Pimcore: One click, two security vulnerabilities |
Yaniv Nizry |
May. 15, 2023 |
1577 |
- |
SonarLint supports Go analysis! |
Andrew Osborne |
May. 17, 2023 |
570 |
- |
Sonar and HashiCorp Partner to Deliver Clean Terraform Code & Good Vibes |
Clint Cameron |
May. 23, 2023 |
580 |
- |
Reflections from OffensiveCon 2023 |
Thomas Chauchefoin |
May. 24, 2023 |
1012 |
- |
Hands on with the Node.js test runner |
Phil Nash |
May. 30, 2023 |
2099 |
1 |
Why SonarQube 9.9 LTS is a must-have for Java developers |
Colin Mueller |
Jun. 01, 2023 |
2003 |
- |
What Mr. Miyagi can teach you about writing Clean Code |
Liz Ryan |
Jun. 06, 2023 |
862 |
- |
Sonar at JSNation 2023 in Amsterdam |
Gabriel Vivas |
Jun. 08, 2023 |
676 |
- |
Smarter Together: Fostering a culture of collaboration and growth at Sonar |
Marisa Davis |
Jun. 14, 2023 |
851 |
- |
SonarQube 10.1 release announcement |
Kirti Joshi |
Jun. 21, 2023 |
208 |
- |
Why SonarQube 9.9 LTS is a must-have for JavaScript and TypeScript Developers |
Colin Mueller |
Jun. 22, 2023 |
1357 |
- |
Why ORMs and Prepared Statements Can't (Always) Win |
Thomas Chauchefoin |
Jun. 26, 2023 |
2037 |
- |
TyphoonCon 2023 Wrap Up |
Thomas Chauchefoin |
Jun. 29, 2023 |
586 |
- |
TROOPERS 2023 Conference Takeaways |
Stefan Schiller |
Jul. 05, 2023 |
886 |
- |
Why SonarQube 9.9 LTS is a must-have for PHP Developers |
Colin Mueller |
Jul. 13, 2023 |
978 |
- |
How Sonar Developer Advocates got started in their careers |
Liz Ryan |
Jul. 18, 2023 |
1837 |
- |
New Research from Sonar on Cost of Technical Debt |
Manish Gupta |
Jul. 19, 2023 |
592 |
- |
A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State |
Stefan Schiller |
Jul. 19, 2023 |
1697 |
- |
Working with Multiple Code Variants in C++ |
Phil Nash |
Aug. 03, 2023 |
1194 |
- |
WeAreDevelopers 2023 - what did you miss? |
Andrew Osborne |
Aug. 10, 2023 |
620 |
- |
No, C++ static analysis does not have to be painful |
Geoffray Adde |
Aug. 13, 2023 |
1452 |
- |
Patches, Collisions, and Root Shells: A Pwn2Own Adventure |
Paul Gerste, Thomas Chauchefoin, Stefan Schiller |
Aug. 14, 2023 |
1793 |
- |
What is deeper SAST in JavaScript? |
Phil Nash |
Aug. 17, 2023 |
1059 |
- |
BlackHat 2023: Hackers, Casinos, and an Exciting Announcement |
Kirti Joshi | Thomas Chauchefoin |
Aug. 18, 2023 |
834 |
- |
Playing Dominos with Moodle's Security (1/2) |
Yaniv Nizry |
Aug. 21, 2023 |
1114 |
- |
Enhancing SAST Detection: Leveraging Benchmarks for Measuring Progress |
Alexandre Gigleux |
Aug. 20, 2023 |
793 |
- |
Playing Dominos with Moodle's Security (2/2) |
Yaniv Nizry |
Aug. 28, 2023 |
1522 |
- |
Code Vulnerabilities Put Proton Mails at Risk |
Paul Gerste |
Sep. 04, 2023 |
3509 |
4 |
Introducing SonarQube 10.2: Setting New Standards in Code Quality and Security |
Bianka Banova |
Sep. 06, 2023 |
1210 |
- |
Get the benefits of TypeScript in your JavaScript |
Phil Nash |
Sep. 07, 2023 |
1552 |
- |
Security Guy TV Interview - Going Deeper with SAST and Clean Code |
Katie Hyman |
Sep. 08, 2023 |
2129 |
- |
Code Vulnerabilities Put Skiff Emails at Risk |
Paul Gerste |
Sep. 12, 2023 |
1934 |
- |
Typing your JavaScript without writing TypeScript |
Phil Nash |
Sep. 13, 2023 |
617 |
- |
Enhancing Software Development Practices through SonarQube: A Path to Continuous Learning |
Hannah Zimmerman |
Sep. 14, 2023 |
566 |
- |
The new JDK LTS is out! Long live JDK 21! |
Jonathan Vila |
Sep. 19, 2023 |
953 |
- |
Remote Code Execution in Tutanota Desktop due to Code Flaw |
Paul Gerste |
Sep. 20, 2023 |
2741 |
2 |
5 Clean Code Tips for Reducing Cognitive Complexity |
John Clifton |
Sep. 22, 2023 |
532 |
- |
Open Source Summit 2023 |
Jonathan Vila |
Sep. 26, 2023 |
473 |
- |
Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity |
Stefan Schiller |
Sep. 26, 2023 |
1536 |
1 |
Sonar's Scoring on the Top 3 Java SAST Benchmarks |
Alexandre Gigleux |
Sep. 26, 2023 |
824 |
- |
Unzipping Dangers: OpenRefine Zip Slip Vulnerability |
Stefan Schiller |
Sep. 27, 2023 |
1276 |
- |
A comprehensive guide to the dangers of Regular Expressions in JavaScript |
Phil Nash |
Sep. 28, 2023 |
2901 |
3 |
Why I’m passionate about Static Analysis and how I helped make it better |
Abbas Sabra |
Oct. 02, 2023 |
2212 |
- |
ISMG Interview - Securing Applications, Accelerating DevOps with Clean Code |
Katie Hyman |
Oct. 05, 2023 |
1975 |
- |
Interview with Sonar Java Enthusiasts |
Tony Graham |
Oct. 09, 2023 |
1948 |
- |
Java SAST Benchmarks: why you shouldn't trust them blindly |
Pierre-Loup Tristant |
Oct. 11, 2023 |
1111 |
- |
Security Vulnerabilities in CasaOS |
Thomas Chauchefoin |
Oct. 17, 2023 |
2087 |
- |
What is Clean Code? |
Gabriel Vivas |
Oct. 18, 2023 |
1552 |
- |
Highlights from Hexacon 2023 |
Stefan Schiller |
Oct. 18, 2023 |
817 |
- |
Shifting Right for Secure Platforms and DevOps |
Ben Dechrai |
Oct. 25, 2023 |
1430 |
- |
9 Steps to get the most out of your SonarCloud Trial |
Zoe Bell |
Nov. 07, 2023 |
1684 |
- |
Linux Foundation Chat: Open Source & Clean Code |
Katie Hyman |
Nov. 07, 2023 |
300 |
- |
Visual Studio Code Security: Deep Dive into Your Favorite Editor (1/3) |
Thomas Chauchefoin, Paul Gerste |
Nov. 07, 2023 |
3389 |
- |
Sonar's Scoring on the Top 3 C# SAST Benchmarks |
Alexandre Gigleux |
Nov. 07, 2023 |
704 |
- |
Visual Studio Code Security: Markdown Vulnerabilities in Third-Party Extensions (2/3) |
Paul Gerste |
Nov. 14, 2023 |
2378 |
- |
SonarQube 10.3 Release Announcement |
Robert Curlee |
Nov. 15, 2023 |
503 |
- |
Visual Studio Code Security: Finding New Vulnerabilities in the NPM Integration (3/3) |
Thomas Chauchefoin, Paul Gerste |
Nov. 20, 2023 |
1748 |
- |
Top issues in Java projects |
Jonathan Vila |
Sep. 26, 2023 |
971 |
- |
Sonar is “On the Radar”: New Omdia Report |
Katie Hyman |
Nov. 29, 2023 |
453 |
- |
Sonar keeps your secrets from leaking … unlike that "trusted" friend from grade school |
Alexandre Gigleux |
Nov. 07, 2023 |
653 |
- |
Unraveling the Costs of Bad Code in Software Development |
Liz Ryan |
Dec. 05, 2023 |
611 |
- |
Stop nesting ternaries in JavaScript |
Phil Nash |
Dec. 07, 2023 |
1299 |
2 |
Spring framework pitfalls |
Jonathan Vila |
Dec. 11, 2023 |
1252 |
- |
pfSense Security: Sensing Code Vulnerabilities with SonarCloud |
Oskar Zeino-Mahmalat |
Dec. 11, 2023 |
2177 |
3 |
Sonar @ Black Hat Europe! |
Thomas Chauchefoin |
Dec. 13, 2023 |
699 |
- |
2024 Security Predictions from the Sonar Research Team |
Johannes Dahse |
Dec. 14, 2023 |
621 |
- |
2024 DevOps Predictions from the Sonar Developer Advocate Team |
Peter McKee |
Dec. 21, 2023 |
910 |
- |
AI-Generated Code Demands ‘Trust, But Verify’ Approach to Software Development |
Tariq Shaukat |
Apr. 11, 2024 |
1389 |
- |
C# Logging Best Practices with .NET |
Denis Troller |
Apr. 10, 2024 |
2561 |
- |
Apache Dubbo Consumer Risks: The Road Not Taken |
Yaniv Nizry |
Apr. 01, 2024 |
1633 |
- |
Ensuring the right usage of Java 21 new features |
Jonathan Vila |
Apr. 01, 2024 |
1510 |
- |
Technical debt’s impact on development speed and code quality |
Bianka Banova |
Mar. 27, 2024 |
831 |
- |
DORA Compliance for Financial Entities: leveraging Sonar solutions to ensure code security by design |
Adam Surdy |
Mar. 22, 2024 |
933 |
- |
Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices |
Paul Gerste |
Mar. 21, 2024 |
2210 |
- |
__dirname is back in Node.js with ES modules |
Phil Nash |
Mar. 21, 2024 |
911 |
3 |
#CleanCodeTips: Unlock Your Coding Potential |
Peter McKee |
Mar. 12, 2024 |
830 |
- |
Reply to calc: The Attack Chain to Compromise Mailspring |
Yaniv Nizry |
Mar. 11, 2024 |
1684 |
- |
Are You Ready For PCI DSS 4.0? |
Robert Curlee |
Mar. 11, 2024 |
949 |
- |
Increase readability with Java's Pattern Matching |
Jonathan Vila |
Mar. 04, 2024 |
638 |
1 |
OpenNMS Vulnerabilities: Securing Code against Attackers’ Unexpected Ways |
Stefan Schiller |
Feb. 29, 2024 |
1945 |
- |
White House emphasizes need for proactive coding practices to counter cyber attacks |
Harry Wang |
Feb. 29, 2024 |
782 |
- |
Sonar Reaffirms Strength of its Information Security Management Systems by Earning The Latest ISO Certification, ISO27001:2022 |
Andrea Malagodi |
Feb. 27, 2024 |
349 |
- |
How timely delivery comes from transparent outsourced software development communication |
Liz Ryan |
Feb. 27, 2024 |
1000 |
- |
Builders, Withers, and Records - Java’s path to immutability |
Jonathan Vila |
Feb. 21, 2024 |
927 |
- |
Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities |
Stefan Schiller |
Feb. 20, 2024 |
1259 |
- |
Union, intersection, difference, and more are coming to JavaScript Sets |
Phil Nash |
Feb. 15, 2024 |
1280 |
115 |
Write cleaner React code with SonarQube 10.4 |
Phil Nash |
Feb. 13, 2024 |
1163 |
- |
Introducing the new Sonar Web API V2 |
Aurélien Poscia |
Feb. 08, 2024 |
935 |
- |
Building the foundation for a strong AI future |
Harry Wang |
Feb. 08, 2024 |
466 |
- |
5 Risks of Outsourcing Software Development and How to Avoid Them |
Liz Ryan |
Feb. 07, 2024 |
1281 |
- |
SonarQube 10.4 Release Announcement |
Robert Curlee |
Feb. 06, 2024 |
665 |
- |
Pitfalls of Desanitization: Leaking Customer Data from osTicket |
Oskar Zeino-Mahmalat |
Feb. 06, 2024 |
1991 |
- |
Juliet C# Benchmark and the SecureString case |
Gaëtan Ferry |
Feb. 01, 2024 |
1413 |
- |
Who are you? The Importance of Verifying Message Origins |
Stefan Schiller |
Jan. 28, 2024 |
1203 |
- |
Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins |
Yaniv Nizry |
Jan. 24, 2024 |
1464 |
1 |
Sonar is helping make C# code clean as Microsoft ASP.NET Core Blazor application development grows |
Denis Troller |
Jan. 23, 2024 |
963 |
- |
Lessons learned upgrading to React 18 in SonarQube |
Phil Nash |
Jan. 17, 2024 |
1212 |
- |
Vulnerability Research Highlights 2023 |
Stefan Schiller |
Jan. 03, 2024 |
1572 |
- |
Sonar's Scoring on the Top 3 Python SAST Benchmarks |
Alexandre Gigleux |
Dec. 28, 2023 |
442 |
- |
Green Coding with Clean Code - A Recap of ecoCode Challenge Paris 2024 |
Fabrice Bellingard |
Jun. 20, 2024 |
542 |
- |
Re-moo-te Code Execution in Mailcow: Always Sanitize Error Messages |
Paul Gerste |
Jun. 17, 2024 |
1978 |
- |
Integrating SonarCloud with Amazon CodeCatalyst for Code Analysis |
Manish Kapur |
Jun. 10, 2024 |
668 |
- |
An Open Letter to Sonar[Qube] Users |
Lynne Doherty |
Jun. 06, 2024 |
558 |
- |
mXSS: The Vulnerability Hiding in Your Code |
Yaniv Nizry |
May. 27, 2024 |
2965 |
1 |
Sonar Named Leader in G2 Spring Report |
Zoe Bell |
May. 20, 2024 |
331 |
- |
Find Deeply Hidden Security Vulnerabilities with Deeper SAST by Sonar |
Johannes Dahse |
May. 15, 2024 |
1054 |
- |
Parallel Code Security: The Challenge of Concurrency |
Stefan Schiller |
May. 14, 2024 |
2946 |
- |
Code Interoperability: The Hazards of Technological Variety |
Stefan Schiller |
May. 07, 2024 |
3428 |
- |
Leveraging SonarQube, SonarCloud, and SonarLint for Effective Shift Left Practices |
Manish Kapur |
May. 01, 2024 |
1240 |
- |
Driving DevOps Transformation: Leveling Up CI/CD with Static Code Analysis |
Tony Graham |
Apr. 30, 2024 |
876 |
- |
Legacy Codebases are a DevOps Issue |
Ben Dechrai |
Apr. 18, 2024 |
1346 |
- |
SonarQube 10.5 Release Announcement |
Robert Curlee |
Apr. 16, 2024 |
415 |
- |
Dangerous Import: SourceForge Patches Critical Code Vulnerability |
Stefan Schiller |
Apr. 16, 2024 |
1192 |
- |
Sonar Named a Leader in G2 Grid Report for Sixteenth Consecutive Quarter |
Zoe Bell |
Jul. 23, 2024 |
420 |
- |
Uncovering hidden security vulnerabilities with deeper SAST |
Johannes Dahse |
Aug. 08, 2023 |
1507 |
- |
AutoConfig: C++ Code Analysis Redefined |
Abbas Sabra |
Jul. 17, 2024 |
1143 |
- |
SonarQube 10.6 Release Announcement |
Robert Curlee |
Jun. 25, 2024 |
601 |
- |
Announcing SonarQube 9.9 LTS! |
Kirti Joshi |
Feb. 07, 2023 |
744 |
- |
What Code Issues Caused the CrowdStrike Outage? |
Sonar |
Jul. 25, 2024 |
1229 |
- |
Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (2/2) |
Thomas Chauchefoin, Paul Gerste |
Jul. 09, 2024 |
2344 |
- |
Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail |
Oskar Zeino-Mahmalat |
Aug. 05, 2024 |
580 |
- |
Using and Understanding SonarQube for Code Coverage |
Manish Kapur |
Jul. 08, 2024 |
1093 |
- |
[ON DEMAND] Watch Sonar Founder Olivier Gaudin Break Down the Need for and Impact of Clean Code at QCon London 2024 |
Arden Gonzales |
Aug. 15, 2024 |
743 |
- |
Encoding Differentials: Why Charset Matters |
Stefan Schiller |
Jul. 15, 2024 |
2136 |
3 |
Now Introducing, SonarCloud Enterprise and SonarCloud Team |
Andrew Osborne |
Jul. 31, 2024 |
692 |
- |
The True Cost of Bad Code in Software Development |
Liz Ryan |
Jun. 27, 2024 |
678 |
- |
Deliver high-quality ASP.NET Core web apps with Sonar. |
Denis Troller |
Jul. 24, 2024 |
1121 |
- |
Front-End Frameworks: When Bypassing Built-in Sanitization Might Backfire |
Stefan Schiller |
Aug. 13, 2024 |
1357 |
- |
How Sonar Helps Meeting NIST SSDF Code Security Requirements |
Robert Curlee |
Aug. 07, 2024 |
679 |
- |
Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (1/2) |
Thomas Chauchefoin, Paul Gerste |
Jul. 02, 2024 |
2279 |
2 |
How to Choose an LLM in Software Development |
Manish Kapur |
Aug. 27, 2024 |
1687 |
- |
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities |
Yaniv Nizry |
Sep. 02, 2024 |
1268 |
- |
How can Sonar help with ISO 27001 compliance? |
Mark Clements |
Sep. 03, 2024 |
684 |
- |
Top security flaws hiding in your code - and how to fix them |
Jonathan Vila |
Sep. 09, 2024 |
1311 |
- |
Instant Code Fixes at Your Fingertips: Announcing Sonar AI CodeFix |
Manish Kapur |
Oct. 03, 2024 |
751 |
- |
Building Confidence and Trust in AI-Generated Code |
Manish Kapur |
Oct. 03, 2024 |
930 |
- |
SonarQube 10.7 Release Announcement |
Robert Curlee |
Oct. 04, 2024 |
759 |
- |
Announcing Sonar's Support for Dart: Elevate Your Code Quality |
Andrew Osborne |
Oct. 07, 2024 |
710 |
- |
Why Code Security Matters - Even in Hardened Environments |
Stefan Schiller |
Oct. 08, 2024 |
2681 |
- |
The Power of Taint Analysis: Uncovering Critical Code Vulnerability in OpenAPI Generator |
Stefan Schiller |
Oct. 22, 2024 |
1401 |
- |
Sanitize Client-Side: Why Server-Side HTML Sanitization is Doomed to Fail |
Yaniv Nizry |
Nov. 05, 2024 |
1835 |
- |
Our commitment to you – and an update on severity ratings for software quality |
Tom Howlett |
Nov. 13, 2024 |
708 |
- |
How to Trust AI Contributions to Your Codebase |
Anirban Chatterjee |
Nov. 14, 2024 |
1319 |
- |
A better (free) SonarQube experience |
Fabrice Bellingard |
Nov. 19, 2024 |
717 |
- |