Code security

Blog post

Using dashboards in SonarQube Cloud

Visualizing key code quality and security metrics for your SonarQube Cloud projects just became easier with the general availability of customizable project dashboards.

Blog post

Stop malicious packages in your CI/CD pipeline with SonarQube

“Malware”, short for “malicious software”, has been around for decades, starting with the first computer viruses of the 1990s. Early malware was mostly experimentation and pranks.

Blog post

How to choose your LLM without ruining your Java code

When evaluating a new AI model, ensuring the code compiles and executes is only the baseline. Experienced developers know that functionality is just the first step; the true standard for production-ready software is code that is reliable, maintainable, and secure.

Blog post

The AI trust gap: Why code verification matters

In this second chapter of our State of Code Developer Survey report, we dig deeper into the developer psyche to answer a critical question: Do developers actually trust the code that AI systems are generating?

Blog post

Why prioritizing code quality is the fastest way to reduce security risks

The common perception is that a security vulnerability is a rare, complex attack pattern. In reality, the journey of most flaws begins much earlier and much more simply: as a code quality issue. For both developers and security practitioners, understanding this lifecycle is crucial to building secure, reliable, and maintainable software.

Blog post

Vibe, then verify: How to navigate the risks of AI-generated code

AI is rewriting the traditional software development playbook. Developers are adopting AI on the ground, output is exploding, and leaders are being asked to convert promise into predictable velocity.


© 2025 SonarSource Sàrl. All rights reserved.