Featured Post
Uncovering hidden security vulnerabilities with deeper SAST
Security vulnerabilities can be hidden in your third-party dependency code. Uncover them with deeper SAST.
Read more -->
Blog
Featured Post
Security vulnerabilities can be hidden in your third-party dependency code. Uncover them with deeper SAST.
Read more -->Understanding how Cognitive Complexity works will help guide you on where to focus your time. This blog dives into how this Sonar-exclusive metric was formulated to accurately measure the relative understandability of methods.
Read article >
Our Vulnerability Research team discovered a critical vulnerability in the popular CI/CD server TeamCity, which attackers could use to steal source code and poison build artifacts.
Read article >
Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers an XSS vulnerability in Tutanota Desktop and how it can be prevented.
Read article >
Let's check what the new Java JDK21 LTS brings
Read blog post >
With SonarQube, organizations can readily deploy workflows integrated directly into their pipelines to build on their teams’ skill sets and create resiliency to new risks.
Read article >
TypeScript already understands JavaScript, but you can get more out of it when you add types to your JavaScript with JSDoc or TypeScript declaration files
Read blog post >
Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers the technical details of the XSS vulnerability in Skiff.
Read article >
Sonar CEO, Olivier Gaudin, and Head of Research and Development, Johannes Dahse, meet with Security Guy TV’s Chuck Harold to discuss deeper SAST and the importance of Clean Code.
Read article >
Let's dive into what you can do to get more and more of TypeScript's benefits in your JavaScript projects.
Read blog post >
Discover the new features in SonarQube 10.2!
Read article >
The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail.
Read article >
Our security researchers recently discovered two critical vulnerabilities in Moodle that leverage the use of not impactful bugs.
Read article >