Sonar Blog

Quality

BLOG

Sonar's latest blog posts

Featured Post

Building Confidence and Trust in AI-Generated Code

To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance

Read More
https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/0bd6c0bc-c921-485b-8570-8de7e1384983/AI%20Code%20Assurance_square-index%402x.png
https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/8cf25ce0-1858-4367-8330-9e6b26eccf2c/Why%20Code%20Security%20Matters_landscape-index.png
Blog post

Why Code Security Matters - Even in Hardened Environments

This blog post showcases why fundamental code security is essential for an application despite all hardening measures applied in the underlying infrastructure.

Read article >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/4b95b6e2-0011-473c-b492-b4e9f0d55dfd/dart%20support_landscape-index.webp
Blog post

Announcing Sonar's Support for Dart: Elevate Your Code Quality

Sonar now supports the Dart programming language

Read article >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/296c23e0-fbfe-434e-8c6d-aa1c903bce5e/sq-10.7_blog-index.webp
Blog post

SonarQube 10.7 Release Announcement

Sonar introduces powerful AI-driven features, expanded support for new and existing languages and frameworks, and deeper security, all to elevate your code quality. These updates bring significant advancements for developers and teams.

Read article >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/b317978f-6ceb-4b3f-8128-508d618596a9/AI%20Code%20Assurance_landscape-index.webp
Blog post

Building Confidence and Trust in AI-Generated Code

Sonar AI Code Assurance is a robust and streamlined process for validating AI-generated code through a structured and comprehensive analysis.

Read article >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/1c383359-8f9f-4f59-ab7c-617e6942c954/AI%20CodeFix_landscape-index.webp
Blog post

Instant Code Fixes at Your Fingertips: Announcing Sonar AI CodeFix

Sonar AI CodeFix is a powerful capability that suggests code fixes for issues discovered by our code analysis solutions SonarQube and SonarCloud.

Read article >

Top Security Flaws hiding in your code
Blog post

Top Security Flaws hiding in your code right now - and how to fix them

Let's examine the three most common injection attack types—SQL injection, Deserialization Injection, and Logging Injection—and discuss ways to prevent them.

Read article >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/f319fbfb-e548-4f2e-9d9c-59e1262c9619/iso-27001-compliance-landscape-index.webp
Blog post

How can Sonar help with ISO 27001 compliance?

Security standards such as ISO 27001 are crucial for businesses as they offer a structured framework for managing and safeguarding sensitive information.

Read article >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/e503a8d1-03d9-4413-a51b-2e897698ac0c/pyspider_vulnerabilities_landscape_index.webp
Blog post

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

pyspider uses the convenient “basic HTTP authentication” method, but browsers don’t take the extra step to protect users from CSRF attacks. Learn more on how SonarCloud detected 2 vulnerabilities in this open-source project.

Read article >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/2219edcc-ac15-4f18-a165-0c3286785dec/how-to-choose-an-llm-in-software-development-square-index.webp
Blog post

How to Choose an LLM in Software Development

With so many Large Language Models (LLMs) out there, selecting the right LLM is crucial for any organization looking to integrate AI into its operations.

Read article >

Logo of SonarCloud and SonarQube next to each other for comparison.
Blog post

SonarCloud or SonarQube, What's Right for Your Team?

Learn about the similarities and key differences between SonarCloud and SonarQube and which one is best for your use case.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/4afae759-3f4e-4523-8b4a-61c0f741d839/on_demand_qcon_blog_index.webp
Blog post

[ON DEMAND] Watch Sonar Founder Olivier Gaudin Break Down the Need for and Impact of Clean Code at QCon London 2024

Olivier Gaudin discusses the value of quality, secure code from the start at top industry software conference. Check out his talk!

Read article >