4 Leadership Lessons From a $200 Million, Fast-Growing, Profitable Startup
Adapt your business model to scarce capital, build on your strengths, and overcome your weaknesses.
SONAR COVERAGE
the latest in clean code coverage
News articles covering Sonar, Clean Code, research from the Sonar R&D team, Sonar executive perspective, and more
BetaNews
Secure software depends on clean code — AI-generated or not
Sonar Head of Developer Relations and Community, Peter McKee, writes about the need for Clean Code in order to create secure software and decrease bad code.
Read now >
The New Stack
How to Get Advantages of TypeScript in JavaScript
Sonar Developer Advocate, Phil Nash, details tips and tricks for how to take advantage of TypeScript in JavaScript.
Read now >
SecurityWeekly Podcast
VSCode Vulnerabilities – Thomas Chauchefoin, Paul Gerste – PSW #804
Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste discuss research conducted on the security of Visual Studio Code — the most popular code editor out there.
Listen now >
SiliconANGLE
Enterprise software developers prepare for generative AI's 'productivity revolution'
In this article, Olivier Gaudin - founder and co-CEO of Sonar - is quoted on his perspective that more experienced coders will see the bigger advantages from genAI.
Read now >
Dark Reading
North Korean State Actors Attack Critical Bug in TeamCity Server
Sonar vulnerability researcher, Stean Schiller, is quoted on JetBrains TeamCity vulnerability, discovered by the Sonar research team.
Read now >
The Hacker News
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
Sonar Vulnerability Research team discovers two critical security flaws in the open source CasaOS personal cloud software.
Read now >
The New Stack
What You Need to Know about Carbon, Python and Val
Sonar Developer Advocate, Phil Nash, details what developers need to consider about programming languages Carbon, Python, and Hylo.
Read now >
Forbes
Why Switzerland Thinks It Can Be Europe’s Tech Start-Up Capital
Sonar receives mention for being a Switzerland-based Unicorn in this Forbes article about the Europe tech start-up landscape.
Read now >
Solutions Review
37 Cybersecurity Awareness Month Quotes from Industry Experts in 2023
Olivier Gaudin, founder and co-CEO of Sonar, shares his perspective on Clean Code as it relates to Cybersecurity Awareness Month and the increase of genAI in code development.
Read now >
Enterprise Security Tech
Impact of AI on Cybersecurity: Pros and Cons Analyzed By Experts
In this article, Olivier Gaudin, co-CEO and founder of Sonar, shares why the world needs Clean Code and to adapt a Clean as You Code approach.
Read now >
The Last Watchdog
Black Hat Fireside Chat: Why using ‘Clean Code’ is paramount in speedy software development
Sonar's Olivier Gaudin, co-CEO and founder, and Head of R&D, Johannes Dahse, speak on The Last Watchdog podcast about the importance of Clean Code in speedy software development with quality.
Read now >
CIO Influence
October Cybersecurity Awareness Month: Top 50 IT and Security Professionals Share their Strategies
Olivier Gaudin, co-CEO and founder of Sonar, shares his perspective on Clean Code for Cybersecurity Awareness Month.
Read now >
TechRepublic
Top Security Tools for Developers in 2023
In this article, SonarQube is acknowledged as a great choice for developers needing an open source static application security testing tool to enhance security and code quality.
Read now >
VMblog
Cybersecurity Awareness Month 2023: Industry Experts Share Their Thoughts
In this article, Sonar founder and co-CEO - Olivier Gaudin - shares why organizations need to understand and adopt a Clean as You Code approach this Cybersecurity Awareness Month.
Read now >
The Hacker Mind
EP 81: HACKING VISUAL STUDIO CODE EXTENSIONS
In this podcast episode, Sonar researchers Thomas Chauchefoin and Paul Gerste discuss the state of the art of Visual Studio Code's security with Hacker Mind host Robert Vamosi.
Listen now >
Dev-Insider
Best Practices für sauberen Code ohne technische Schulden Clean Coding – ein Mittel gegen Developer-Burnout?
In this article, Sonar's Peter McKee writes about how Clean Code methods reduce workload while ensuring security, compliance, and the highest code quality.
Read now >
CyberWire
Cybersecurity Awareness Month: advice for tech companies.
In this article, Sonar founder and co-CEO - Olivier Gaudin - makes "a call for Clean Code" as organizations rethink their security this Cybersecurity Awareness Month.
Read now >
TechRepublic
3 Best DevSecOps Tools in 2023
In this article, the SonarQube solution is highlighted as a top DevSecOps tool for its support for multiple programming languages to improve code quality and enhance security.
Read now >
BuiltIn ATX
Built In Austin’s 9 Featured Companies of the Month
In this article, Sonar is recognized for its accomplishments and success as an innovative company in Austin, Texas.
Read now >
HackRead
JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking
Sonar researcher Stefan Schiller is acknowledged for discovery of a critical-severity authentication bypass vulnerability in the TeamCity CI/CD server.
Read now >
SC Media
Server hijacking likely with exploitation of critical TeamCity vulnerability
In this article, a critical TeamCity vulnerability is detailed, as discovered by Sonar's vulnerability research team.
Read now >
Hacker News
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
In this article, Sonar researchers share their discovering of a critical vulnerability in JetBrains TeamCity.
Read now >
SecurityWeek
In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover
A critical vulnerability in the TeamCity CI/CD server, discovered by the Sonar Vulnerability Research team could allow unauthenticated attackers to execute code and take over vulnerable servers.
Read now >
Decipher
TeamCity users urged to apply fix for Critical Flaw
Sonar researchers discovered a critical security vulnerability in TeamCity, a popular Continuous Integration and Continuous Deployment (CI/CD) server from JetBrains.
Read now >
L'Agefi
SonarSource, inflation, BNS: les trois mots-clés de la semaine
Sonar's appointment of new co-CEO, Tariq Shaukat, is covered in L'Agefi's top three news moments from the week.
Read now >
DBTA
SonarCloud Debuts Open Source, Zero-Configuration, Automatic Analysis for C and C++ Projects
Sonar, the Clean Code solution provider, is announcing a new capability for its SonarCloud platform: Zero-configuration, automatic analysis for programming languages C and C++.
Read now >
VMblog
Sonar Delivers Zero-Configuration Analysis of C and C++ Projects
New zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud enables GitHub hosted projects to be analyzed in one click, and it works with all compilers.
Read now >
DEVOPSdigest
Sonar Announces Zero-Configuration Analysis of C and C++ Projects
Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud, enabling C and C++ projects hosted on GitHub to be analyzed by SonarCloud in one click.
Read now >
L'Agefi
With the ex-president of Bumble, SonarSource aims for a billion in turnover
The Geneva unicorn has recruited a co-CEO who combines commercial and software skills in order to accelerate its development. Tariq Shaukat was at the helm of the dating app when it debuted on the Nasdaq.
Read now >
Bloomberg Markets
Expect More Durable Companies to Come to Market: Shaukat
Co-CEO of Sonar, Tariq Shaukat, discusses IPO tech landscape and the importance of growing profitability with durability.
Watch now >
Bloomberg Markets
Bloomberg Markets: The Close 09/12/2023
Recently appointed co-CEO of Sonar, Tariq Shaukat, joins Bloomberg Markets "The Close" to discuss his new role and the IPO tech market (at 25-minute mark).
Watch now >
Austin Business Journal
After helping Bumble IPO, Tariq Shaukat named co-CEO of $4B coding company
Tariq Shaukat joins Sonar as co-CEO to work alongside Founder and CEO, Olivier Gaudin, to take company through next phase of growth.
Read now >
insideHPC
Former Google Cloud President Tariq Shaukat Joins Sonar as Co-CEO
Sonar announced that Tariq Shaukat has joined the company as co-CEO and a member of the Board of Directors. The company said Shaukat will lead the company with founder and CEO Olivier Gaudin.
Read now >
TechStrong TV
Insecure Code: Software Makers May Be Held Liable with New Legislation
Peter McKee, Head of Developer Relations & Community at Sonar, speaks with TechStrong TV's Alan Shimel about the future of DevOps and the importance of Clean Code.
Listen now >
Forbes
What Large Models Cost You – There Is No Free AI Lunch
The cost of generative AI is hitting businesses. Building and training LLMs can be prohibitively expensive. Sonar's Olivier Gaudin says “LLMs get bigger, not smarter."
Read now >
SD Times
Insecure Code: Software Makers May Be Held Liable with New Legislation
Sonar CMO Manish Gupta covers the Biden National Cybersecurity Strategy, how it places more legal responsibility on software makers, and how Clean Code can help.
Read now >
GovInfoSecurity
Securing Applications, Accelerating DevOps With Clean Code
In this video interview, Sonar CEO & co-founder Olivier Gaudin discusses Clean Code strategies for addressing dirty code and legacy issues, and how to increase output and quality of DevOps teams.
Listen now >
SecurityGuyTV
Discovering Hidden Security Issues in Code with Sonar; Deeper SAST
In this interview, Sonar CEO & co-founder Olivier Gaudin, and Sonar Head of R&D Johannes Dahse, discuss the announcement of deeper SAST and what is Clean Code.
Listen now >
CRN
20 Hottest New Cybersecurity Tools At Black Hat 2023
In this article, vendors showcasing new products are highlighted. Sonar's deeper SAST is featured at number 12.
Read more >
Help Net Security
New infosec products of the week: August 4, 2023
In this article, Help Net Security takes a look at the most interesting products from the week of August 4th, including Sonar's deeper SAST.
Read more >
VMblog
Sonar's New, Powerful Deep-Analysis Capability Finds Hidden Code Level Security Issues
Sonar announced a significant advancement of its Clean Code offering - developers can now automatically discover and fix code security issues with deeper SAST.
Read more >
SD Times
Sonar new SAST tool includes support for thousands of open-source libraries
In this article, Sonar's announcement of deeper SAST is featured. The update to the Sonar platform makes it easier for developers to write Clean Code.
Read more >
Help Net Security
Sonar's new deep-analysis capability discovers and fixes code security issues
Sonar announced a significant advancement of its Clean Code offering – developers can now automatically discover and fix code security issues arising from interactions between user source code and third-party, open-source libraries.
Read more >
The New Stack
Bad Code Stalls Developer Velocity
Sonar's Head of Developer Relations, Peter McKee, covers how a Clean as You Code approach ensures quality cod is developed quickly, without having to backtrack to remediate old errors.
Read more >
The New Stack
What is Clean Code?
Sonar VP of Product, Fabrice Bellingard, details how embracing Clean Code principles enables organizations to enhance the efficiency of their DevOps workflow.
Read more >
Security Week
OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers
Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely, according to Sonar's vulnerability research team.
Read more >
Dark Reading
Meet the Finalists for the 2023 Pwnie Awards
Sonar vulnerability researchers Thomas Chauefoin and Stefan Schiller receive Pwnie Awards nominations for research on vulnerabilities in Check_mk, and the security of the PHP supply chain and Composer.
Read more >
The Cyberwire
It pays to malvertise. MOVEit vulnerability remediation. Ransomware trends. FSB cyberespionage. Influence operators taken down.
The Cyberwire Daily Briefing newsletter highlights new original research from Sonar that spotlights the millions of dollars businesses lose when they fail to implement an optimal approach for software development.
Read more >
Dark Reading
Apache OpenMeetings Wide Open to Account Takeover, Code Execution
Sonar threat researcher Stefan Schiller shares insights on the three security vulnerabilities found in Apache OpenMeetings.
Read more >
The Hacker News
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities
Sonar research team finds multiple security flaws in Apache OpenMeetings that could be potentially exploited to seize control of admin accounts and run malicious code on susceptible servers.
Read more >
RT Insights
In the Era of Modern Apps, Clean Code is Key to Customer Satisfaction
Sonar VP of Products, Fabrice Bellingard, shares how embracing Clean Code practices guarantees that developers can create modern apps that deliver.
Read more >
DZone
Why ORMs and Prepared Statements Can't (Always) Win
Sonar Vulnerability Researcher, Thomas Chauchefoin, writes about several SQL injection vulnerabilities discovered in Soko, a software deployed on the Gentoo Linux infrastructure.
Read more >
The Hacker News
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution
Sonar research team uncovers multiple SQL injection vulnerabilities in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems.
Read more >
Security Affairs
Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution
Sonar researchers identify two SQL injection vulnerabilities in Gentoo Soko that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems.
Read more >
DevOps Digest
Clean Code and Software Development: Maximizing Efficiency and Maintainability in Uncertain Times
Sonar's Head of R&D, Johannes Dahse, details two ways that Clean Code can help address current challenges developers face today.
Read more >
InformationWeek
DOS Won’t Hunt: Is AI Better Than Low Code/No Code for Developers?
Sonar CEO Olivier Gaudin brings up some points to consider as generative AI becomes part of the software development cycle.
Read more >
DEVOPSdigest
Cleaning as You Code Is the Only Way to Truly Shift Left
In this article, Sonar's Head of R&D covers how to truly shift left, developers must be able to clean-as-they-code.
Read more >
SecurityWeek
Pimcore Platform Flaws Exposed Users to Code Execution
In this article, Sonar's R&D team warns that newly patched vulnerabilities in the Pimcore platform bring code execution risks.
Read more >
DZone
How the Wrong Content Type Introduced a Vulnerability in Odoo
In this article, Sonar's R&D team provides an overview of content types and how a minor error resulted in a vulnerability in Odoo.
Read more >
BuiltIn ATX
Companies Fostering a Sense of Belonging During Onboarding
BuiltIn Austin asked SonarSource, LogicMonitor, Tecovas, Episode Six and Semrush how they make new hires feel welcome.
Read more >
Agile Noir
Clean as You Code with SonarQube
In part three of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about the importance of code quality and how SonarQube can help developers maintain clean code.
Read more >
DZone
Empowering Weak Primitives: File Truncation to Code Execution With Git
In this article, SonarSource's R and D team discusses how they discovered a code vulnerability that allows you to truncate arbitrary files to execute arbitrary commands.
Read more >
BuiltIn ATX
Hiring Now: Sonar Is Building a Team That’s Passionate About Clean Code
This Austin company is building out a team of tech professionals who are passionate about clean code.
Read more >
Agile Noir
SonarQube Helps Development Teams Clean their Code
In part two of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about how SonarQube helps developers clean their code.
Listen Now >
Agile Noir
Why 7 million developers have their code analyzed by SonarQube
In part one of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about why developers have their code analyzed by SonarQube.
Listen Now >
DZone
Malicious Message Leading To E-Commerce Takeover
In this article, Sonar's research and development team presents the root cause analysis of two Cross-Site Scripting bugs.
Read More >
Devops
Avoiding Developer Burnout With Clean Code Best Practices
Employee burnout is common in the tech industry, especially for developers. In fact, 83% of software developers feel burnt out from their work and of those, nearly half of them feel...
Read More >
CyberNews
Southwest Airlines incidents prove companies need to deal with technical debt – now
Thousands of US organizations are running on outdated software. This kind of failure to address technical debt is a recipe for a disaster – and it’s already costing trillions. Clean as You Code to the rescue.
Read More >
Website Planet
Meet SonarSource: Top-Class Solutions For Code Quality Management
Check out this interview with Manish Gupta, CMO at SonarSource, a leading provider of clean code solutions. The interview covers the company’s story, the benefits of using clean code when building websites, and what’s in the future of coders with the recent developments in AI technology.
Read More >
Venture Beat
Source Code Must Become a C-level Priority
Organizations have long realized how important their software is to their business. But they’re now fully realizing just how critical their software’s source code is. Sonar's CEO, Olivier Gaudin, explains.
Read More >
Help Net Security
SonarQube 9.9 LTS Empowers Organizations to Boost the Quality of Their Code
Sonar has launched SonarQube 9.9 Long-Term Support (LTS) that empowers organizations to achieve the Clean Code state securely and at scale.
Read More >
VM Blog
Sonar Launches SonarQube 9.9 LTS to Help Organizations Achieve a State of Clean Code
Sonar has launched SonarQube 9.9 Long-Term Support (LTS). The new release empowers organizations to achieve the Clean Code state quickly, securely, and at scale.
Read More >
Journal of Cyber Policy
Sonar Launches SonarQube 9.9 LTS to Help Organizations Achieve a State of Clean Code
SonarQube 9.9 LTS offers accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.
Read More >
DevOps Digest
SonarSource Launches SonarQube 9.9 LTS
Sonar’s latest 9.9 LTS release introduces key capabilities to enable enterprises to build better software in a sustained manner - with accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.
Read More >
SD Times
SonarQube 9.9 LTS Helps Organizations Produce Clean Code
Sonar’s release of SonarQube 9.9 Long-Term Support (LTS) aims to help organizations clean their code quickly with accelerated pull request analysis, support for building and deploying secure cloud-native applications, and more.
Read More >
Spiceworks
Retain Your Development Talent with The Power of Clean Code
Employee burnout is very common in the technology industry, especially for developers. However, companies can avoid developer burnout with the power of clean code practices, explains Fabrice Bellingard, VP of products at SonarSource.
Read More >
Make Use Of
What Is SonarQube? 5 Key Features for Programmers
Many tools and platforms are available in the programming world, and here’s one you should add to your toolbox: SonarQube. The following key features of SonarQube will help you to overcome your coding difficulties and improve your programming skills.
Read More >
App Developer Magazine
Why Sonar is Growing So Much
Announcing record growth in developer and enterprise customer adoption in FY22, Sonar has added 5,000 paying customers in 11 months, supporting 21,000 enterprise customers including over 75% of Fortune 100 and nearly half of Fortune 500 companies.
Read More >
CPO Magazine
Protect Developer Tools Against Growing Vulnerability Threat
Over the past couple of years, developers have been increasingly targeted by attackers, with dozens of events occurring. These bad actors are targeting devs with the tools they depend on to build code.
Read More >
The Empathetic Marketer
[Podcast] Increasing Audience Reach Using Effective Marketing Strategies with Manish Gupta
Listen as Manish Gupta, Chief Marketing Officer at Sonar, talks about creating intent-based campaigns to get your message across to audiences that are increasingly sensitive to overused marketing ploys.
Listen Now >
Techstrong
[Video] Critical Vulnerabilities in the IT Monitoring Tool
Watch as Stefan Schiller, a vulnerability researcher at SonarSource, explains how SonarSource determined an attacker can escalate to the Checkmk automation user by exploiting an authenticated arbitrary file read in NagVis.
Read More >
Devopsdigest
2023 DevOps Predictions - Part 3
Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2023 - including source code as a key strategic asset.
Read More >
The New Stack
Interest Growing in Dart and Flutter for Mobile
Dart and Flutter are finally getting their day as more software engineers explore using Flutter for mobile app development.
Read More >
Enterprise Security Tech
Exec Threat Overview: CVE-2022-30129
Johannes Dahse, Head of R&D at Sonar, explains a Remote Code Execution vulnerability (CVE-2022-30129) that was discovered in one of the most popular IDEs: Visual Studio Code.
Read More >
Console.Dev
Interview with Olivier Gaudin
CEO of Sonar, Olivier Gaudin, speaks to console.dev about getting into software, the beginnings of Sonar, the company structure, development challenges, tools, clean code, and more!
Read More >
Computer Weekly
SonarSource: Google’s Carbon language is a successor, not a replacement, for C++
Phil Nash explains that, despite popular belief, Google’s open source Carbon programming language is not a strict replacement for C++. The important distinction is that it is intended to be used alongside C++.
Read More >
DZone
JavaOne 2022: Java Continues to Evolve
The Java development team looks at the evolution of hardware and software to innovate and maintain its relationships with the developer community, and insights from the 2022 JavaOne conference.
Read More >
BetaNews
[Q&A] How Clean Code Can Help Developers Prevent Vulnerabilities
Every year, thousands of code vulnerabilities are discovered, patched, and publicly disclosed to improve security for current and potential users. What can developers do to write better code that prevents vulnerabilities from entering their apps and services in the first place?
Read More >
Techstrong
[Video] C++ and the Carbon Programming Language
Watch as Phil Nash, one of the original authors of the C++ test framework and a software engineer for SonarSource, explains how the Carbon programming language created by Google intertwines with C++
Read More >
CRN
Sonar expands the Clean Code movement to Asia Pacific
The leading platform for Clean Code will grow its user community and customer base across the entire region including ASEAN, ANZ, South Korea, China, and India.
Read More >
Dev Insider
[German] 10 unbekannte Sicherheitslücken in Python
Viele Entwickler nutzen Python und vertrauen darauf, dass es einen soliden Security-Level bietet.
Read More >
Bleeping Computer
Zimbra Bug Allows Stealing Email Logins with No User Interaction
Technical details have emerged on a high-severity vulnerability affecting certain versions of the Zimbra email solution that hackers could exploit to steal logins without authentication or user interaction.
Read More >
TechZone360
5 Development Tools Every Tech Engineer Should Have Access To
As a tech engineer, it is vital to have access to the right tools so you can create innovative products that make our lives easier. This blog post will discuss five development tools that every tech engineer should access!
Read More >
Techcrunch
Sonar raises $412M to scan codebases for bugs and vulnerabilities
Sonar, whose technology detects reliability and vulnerability issues in code, announced a funding round leading to a $4.7 billion valuation.
Read More >
Reuters
Coding platform Sonar valued at $4.7 bln after latest funding
Sonar intends to use the funds to double its salesforce this year and expand the company's marketing team across its international offices...
Read More >
MA RTS
[French] La start-up genevoise Sonar lève 412 millions et devient "quadruple licorne"
L'entreprise informatique genevoise Sonar a annoncé une capitalisation de 4,7 milliards de dollars, avec l'arrivée de nouveaux investisseurs américains.
Read More >
Austin American-Statesman
Software company has big plans for Austin, aims to double employee count
Sonar, which operates its U.S. headquarters in Austin, says it is gearing up for growth in Austin after landing a significant infusion of capital...
Read More >
SecurityWeek
CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool
The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution.
Read More >
The Record
Unpatched bug allows takeover of Horde webmail accounts, servers
Discovered by Sonar vulnerability researcher Simon Scannell, the vulnerability has existed in the Horde webmail app since late 2012...
Read More >