Newsroom

Coverage

SONAR COVERAGE

the latest in clean code coverage

News articles covering Sonar, Clean Code, research from the Sonar R&D team, Sonar executive perspective, and more

INC.

4 Leadership Lessons From a $200 Million, Fast-Growing, Profitable Startup

Adapt your business model to scarce capital, build on your strengths, and overcome your weaknesses.

Read More
a man stands around a table with colleagues while he emphasizes his point by holding and pointing with his glasses. His coworkers feign interest.
Dark Reading

Joomla XSS Bugs Open Millions of Websites to RCE

Sonar Vulnerability Research Team discovered that one fundamental flaw, tracked as CVE-2024-21726, is at the heart of the issues affecting Joomla's core filter component.

Read now >

Reworked

Managers Need to Get Better at Discussing Employee Well-Being. Here's How

Sonar's CHRO, Clarissa O'Connell, shares her perspective on how middle managers can be supported with the right tools and resources in place.

Read now >

The New Stack

Unraveling the Costs of Bad Code in Software Development

Sonar's Liz Ryan shares that, while the consequences of bad code can’t be underestimated, they must be mitigated to ensure business success.

Read now >

DevOps.com

Software Development in the Age of AI: How to Balance Quality and Speed

As AI code generators gain popularity, Sonar's Peter McKee covers how companies have to put safeguards in place to harness the technology, for boosting productivity and quality outputs.

Read now >

SD Times

The Importance of Prevention: How Shifting Left, Static Analysis and Unit Testing Create Better Code Quality

Sonar Head of Developer Relations & Community, Peter McKee, shares how developer teams must take a shift-left on quality approach, employing both unit testing and static analysis.

Read now >

The Tech Trek

Software is Eating the World and AI is Accelerating It

In this Tech Trek podcast episode, Tariq Shaukat, co-CEO at Sonar, is interviewed about the impact of software and AI on companies.

Listen now >

Security Boulevard

Write cleaner React code with SonarQube 10.4

SonarQube 10.4 was recently released and, between 10.3 and 10.4, 48 new rules and one updated rule were released to help write clean code in React applications.

Read now >

InfoWorld

10 ways generative AI will transform software development

Peter McKee, Sonar Head of Developer Relations & Community, shares how a Clean as You Code approach ensures quality AI-generated code.

Read now >

BuiltIn Austin

US AI Safety Institute Consortium Established to Ensure Safe AI Innovation

Sonar joins over 200 AI stakeholders to support the development and deployment of safe, trustworthy AI.

Read now >

BuiltIn Austin

56 Software Companies in Austin You Should Know

Sonar is highlighted for its strides in enabling companies to develop Clean Code with its solutions SonarLint, SonarQube, and SonarCloud.

Read now >

Austin Business Journal

Austin tech companies made 20-plus key hires in January

New Sonar CHRO, Clarissa O'Connell, is featured amongst other hires at top Austin-based companies.

Read now >

Bilanz

These young Swiss companies are just taking off

Sonar is highlighted amongst other Switzerland based scale-ups for its successful growth as the Clean Code market leader.

Read now >

The New Stack

The Trouble with Nesting Ternaries in JavaScript

Sonar Developer Advocate and JavaScript expert, Phil Nash, covers why nesting ternaries is an issue and what developers can do to eliminate the practice to produce Clean Code.

Read now >

The New Stack

7 Java Mistakes to Conquer

Sonar Developer Advocate, Jonathan Vila, dives into the most common errors in Java projects.

Read now >

SecurityWeek

Critical Jenkins Vulnerability Leads to Remote Code Execution

A critical vulnerability in Jenkins’ built-in CLI, discovered by Sonar's Vulnerability Research team, allows remote attackers to obtain cryptographic keys and execute arbitrary code.

Read now >

The Hacker News

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!

Sonar Vulnerability Research team discovers several security flaws in Jenkins.

Read now >

insideBIGDATA

Heard on the Street – 1/25/2024 - insideBIGDATA

Sonar co-CEO Tariq Shaukat discusses the importance of taking a "trust, but verify" approach when using code generated by AI.

Read now >

SolutionsReview

Data Privacy Week 2024: The Definitive Roundup of Expert Quotes

Sonar CIO Andrea Malagodi shares how data privacy today is turning into an old challenge with "new clothes" thanks to AI.

Read now >

The New Stack

The Case for 'Shifting Right'

What shifting right means and the importance of balancing shift left and shift right

Read now >

DEVOPSdigest

2024 DevSecOps Predictions - Part 2

Sonar team members share their perspectives on what is to come this year with DevSecOps trends.

Read now >

VMblog

Data Privacy Week 2024 - Cybersecurity Experts Share Security Tips

Sonar CIO Andrea Malagodi shares his perspective on what companies should keep in mind for 2024 Data Privacy Week.

Read now >

Datanami

2024 GenAI Predictions: Part Deux

Sonar Developer Advocate Phil Nash is quoted on his prediction that this year, the industry will see an overconfidence in GenAI code that will lead to generated AI vulnerabilities.

Read now >

Agenda

New EU AI Rules Will Have Global Impact

Sonar co-CEO Tariq Shaukat is quoted on the subject of the need for every company to have an AI acceptable use policy.

Read now >

Hackernoon

Unlocking Developer Productivity: The Key Is AI + Clean Code

Sonar's Head of Developer Relations & Community, Peter McKee, covers how AI is affecting software development and how to mitigate risks with it.

Read now >

BuiltIn

100 Best Places to Work in Austin, TX in 2024

Sonar is highlighted by BuiltIn in the top 100 Best Places to Work in Austin, Tx.

Read now >

SD Times

A guide to security testing tools

In this article, Sonar and its solutions SonarLint, SonarQube, and SonarCloud are highlighted for their ability to ensure Clean Code.

Read now >

Security Boulevard

Securing Networks: Addressing pfSense Vulnerabilities

In this article, recent findings by Sonar's vulnerabilities research team within the widely-used open-source Netgate pfSense firewall solution, are covered.

Read now >

LeadDev

Effectively managing junior developers on remote teams

In this article, Sonar's Head of Developer Relations & Community, Peter McKee, shares his advice on how to support junior developers grow their careers in a remote environment.

Read now >

eSecurity Planet

5 Major Cybersecurity Trends to Know for 2024

In this article, Sonar Developer Advocate Phil Nash shares his prediction for what's to come with AI in 2024.

Read now >

Safety Detectives

Interview With Fabrice Bellingard - VP of Product at Sonar

SafetyDetectives recently interviewed Fabrice Bellingard, the VP of Product at Sonar, delving into the key features of SonarLint, SonarQube, and SonarCloud.

Read now >

Database Trends and Applications

Sonar Debuts Secrets Detection for Mitigating Sensitive Information Leaks

In this article, Sonar's announcement of Secrets Detection for SonarLint, SonarQube, and SonarCloud is covered.

Read now >

IT Brew

Asking around: How will generative AI impact the workplace?

In this article, Sonar Developer Advocate Quazi Nafiul Islam shares his thoughts on the impact of generative AI in the workplace.

Read now >

DEVOPSdigest

2024 DevOps Predictions - Part 8

In this article, Sonar Developer Advocates share their predictions for 2024 trends.

Read now >

Bleeping Computer

Over 1,450 pfSense servers exposed to RCE attacks via bug chain

Sonar researchers with the aid of SonarCloud discovered three flaws impacting pfSense 2.7.0 and older and pfSense Plus 23.05.01 and older.

Read now >

Forbes

6 Predictions About Cybersecurity Challenges In 2024

In this article, Sonar Vulnerability Researcher Stefan Schiller is quoted for his 2024 prediction around hackers leveraging AI.

Read now >

The New Stack

Arming Developers with the Power of Clean Code

In this article, the benefits of following Clean Code standards to ensure a reliable, maintainable, and secure codebase are covered.

Read now >

Solutions Review

59 Data Protection Predictions from 33 Experts for 2024

In this article, Sonar Vulnerability Researcher Thomas Chauchefoin shares his 2024 prediction - AI-Assisted attacks to become more sophisticated and automated.

Read now >

Solutions Review

The Definitive Guide to Artificial Intelligence Predictions for 2024

In this article, several predictions from Sonar team members are highlighted amongst other industry experts on topic such as AI-generated code and cybersecurity.

Read now >

Unite.AI

Peter McKee, Head of Developer Relations at Sonar – Interview Series

In this article, the benefits of genAI and drawbacks to consider are covered, and the need to apply Clean Code best practices to AI-generated code.

Read now >

The New Stack

AI Will Create Demand and Empower Developers, Not Replace Them

In this article, the benefits of genAI and drawbacks to consider are covered, and the need to apply Clean Code best practices to AI-generated code.

Read now >

VMblog

Sonar 2024 Predictions: 6 Experts on the Future of Coding in the Age of AI

In this article, several predictions from Sonar team members are highlighted on topics such as genAI, security, and coding languages.

Read now >

The New Stack

The Highs and Lows of Low-Code Tools

In this article, pros and cons of low code are discussed, and the need to always keep Clean Code best practices in mind.

Read now >

DevOps.com

DevOps Dozen² 2023 Finalists Announced

Sonar is announced as a finalist for the DevOps Dozen Awards in the Best Testing Service/Tool category.

Read now >

Futuriom

FUTURIOM 50: THE 2023 STANDOUTS

Sonar is included on Futuriom's 50 list of the strongest private companies in key markets for cloud and communications infrastructure.

Read now >

DZone

Security Vulnerabilities in CasaOS

Sonar's Vulnerability Research team uncovered two critical code vulnerabilities in the personal cloud system CasaOS.

Read now >

Dice

'Tech Connects' Podcast: The Future of Clean Code

Tariq Shaukat, Sonar co-CEO, speaks with 'Tech Connects' host about how more companies are becoming software companies and the impact of genAI.

Listen now >

Digital Journal

This month the code word is ‘cybersecurity’

Sonar founder and co-CEO, Olivier Gaudin, is quoted about the need for business leaders to prioritize Clean Code as they reflect on Cybersecurity Month.

Read now >

BetaNews

Secure software depends on clean code — AI-generated or not

Sonar Head of Developer Relations and Community, Peter McKee, writes about the need for Clean Code in order to create secure software and decrease bad code.

Read now >

The New Stack

How to Get Advantages of TypeScript in JavaScript

Sonar Developer Advocate, Phil Nash, details tips and tricks for how to take advantage of TypeScript in JavaScript.

Read now >

SecurityWeekly Podcast

VSCode Vulnerabilities – Thomas Chauchefoin, Paul Gerste – PSW #804

Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste discuss research conducted on the security of Visual Studio Code — the most popular code editor out there.

Listen now >

SiliconANGLE

Enterprise software developers prepare for generative AI's 'productivity revolution'

In this article, Olivier Gaudin - founder and co-CEO of Sonar - is quoted on his perspective that more experienced coders will see the bigger advantages from genAI.

Read now >

Dark Reading

North Korean State Actors Attack Critical Bug in TeamCity Server

Sonar vulnerability researcher, Stean Schiller, is quoted on JetBrains TeamCity vulnerability, discovered by the Sonar research team.

Read now >

The Hacker News

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

Sonar Vulnerability Research team discovers two critical security flaws in the open source CasaOS personal cloud software.

Read now >

The New Stack

What You Need to Know about Carbon, Python and Val

Sonar Developer Advocate, Phil Nash, details what developers need to consider about programming languages Carbon, Python, and Hylo.

Read now >

Forbes

Why Switzerland Thinks It Can Be Europe’s Tech Start-Up Capital

Sonar receives mention for being a Switzerland-based Unicorn in this Forbes article about the Europe tech start-up landscape.

Read now >

Solutions Review

37 Cybersecurity Awareness Month Quotes from Industry Experts in 2023

Olivier Gaudin, founder and co-CEO of Sonar, shares his perspective on Clean Code as it relates to Cybersecurity Awareness Month and the increase of genAI in code development.

Read now >

Enterprise Security Tech

Impact of AI on Cybersecurity: Pros and Cons Analyzed By Experts

In this article, Olivier Gaudin, co-CEO and founder of Sonar, shares why the world needs Clean Code and to adapt a Clean as You Code approach.

Read now >

The Last Watchdog

Black Hat Fireside Chat: Why using ‘Clean Code’ is paramount in speedy software development

Sonar's Olivier Gaudin, co-CEO and founder, and Head of R&D, Johannes Dahse, speak on The Last Watchdog podcast about the importance of Clean Code in speedy software development with quality.

Read now >

CIO Influence

October Cybersecurity Awareness Month: Top 50 IT and Security Professionals Share their Strategies

Olivier Gaudin, co-CEO and founder of Sonar, shares his perspective on Clean Code for Cybersecurity Awareness Month.

Read now >

TechRepublic

Top Security Tools for Developers in 2023

In this article, SonarQube is acknowledged as a great choice for developers needing an open source static application security testing tool to enhance security and code quality.

Read now >

VMblog

Cybersecurity Awareness Month 2023: Industry Experts Share Their Thoughts

In this article, Sonar founder and co-CEO - Olivier Gaudin - shares why organizations need to understand and adopt a Clean as You Code approach this Cybersecurity Awareness Month.

Read now >

The Hacker Mind

EP 81: HACKING VISUAL STUDIO CODE EXTENSIONS

In this podcast episode, Sonar researchers Thomas Chauchefoin and Paul Gerste discuss the state of the art of Visual Studio Code's security with Hacker Mind host Robert Vamosi.

Listen now >

Dev-Insider

Best Practices für sauberen Code ohne technische Schulden Clean Coding – ein Mittel gegen Developer-Burnout?

In this article, Sonar's Peter McKee writes about how Clean Code methods reduce workload while ensuring security, compliance, and the highest code quality.

Read now >

CyberWire

Cybersecurity Awareness Month: advice for tech companies.

In this article, Sonar founder and co-CEO - Olivier Gaudin - makes "a call for Clean Code" as organizations rethink their security this Cybersecurity Awareness Month.

Read now >

TechRepublic

3 Best DevSecOps Tools in 2023

In this article, the SonarQube solution is highlighted as a top DevSecOps tool for its support for multiple programming languages to improve code quality and enhance security.

Read now >

BuiltIn ATX

Built In Austin’s 9 Featured Companies of the Month

In this article, Sonar is recognized for its accomplishments and success as an innovative company in Austin, Texas.

Read now >

HackRead

JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking

Sonar researcher Stefan Schiller is acknowledged for discovery of a critical-severity authentication bypass vulnerability in the TeamCity CI/CD server.

Read now >

SC Media

Server hijacking likely with exploitation of critical TeamCity vulnerability

In this article, a critical TeamCity vulnerability is detailed, as discovered by Sonar's vulnerability research team.

Read now >

Hacker News

Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

In this article, Sonar researchers share their discovering of a critical vulnerability in JetBrains TeamCity.

Read now >

SecurityWeek

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server, discovered by the Sonar Vulnerability Research team could allow unauthenticated attackers to execute code and take over vulnerable servers.

Read now >

Decipher

TeamCity users urged to apply fix for Critical Flaw

Sonar researchers discovered a critical security vulnerability in TeamCity, a popular Continuous Integration and Continuous Deployment (CI/CD) server from JetBrains.

Read now >

L'Agefi

SonarSource, inflation, BNS: les trois mots-clés de la semaine

Sonar's appointment of new co-CEO, Tariq Shaukat, is covered in L'Agefi's top three news moments from the week.

Read now >

DBTA

SonarCloud Debuts Open Source, Zero-Configuration, Automatic Analysis for C and C++ Projects

Sonar, the Clean Code solution provider, is announcing a new capability for its SonarCloud platform: Zero-configuration, automatic analysis for programming languages C and C++.

Read now >

VMblog

Sonar Delivers Zero-Configuration Analysis of C and C++ Projects

New zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud enables GitHub hosted projects to be analyzed in one click, and it works with all compilers.

Read now >

DEVOPSdigest

Sonar Announces Zero-Configuration Analysis of C and C++ Projects

Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud, enabling C and C++ projects hosted on GitHub to be analyzed by SonarCloud in one click.

Read now >

L'Agefi

With the ex-president of Bumble, SonarSource aims for a billion in turnover

The Geneva unicorn has recruited a co-CEO who combines commercial and software skills in order to accelerate its development. Tariq Shaukat was at the helm of the dating app when it debuted on the Nasdaq.

Read now >

Bloomberg Markets

Expect More Durable Companies to Come to Market: Shaukat

Co-CEO of Sonar, Tariq Shaukat, discusses IPO tech landscape and the importance of growing profitability with durability.

Watch now >

Bloomberg Markets

Bloomberg Markets: The Close 09/12/2023

Recently appointed co-CEO of Sonar, Tariq Shaukat, joins Bloomberg Markets "The Close" to discuss his new role and the IPO tech market (at 25-minute mark).

Watch now >

Austin Business Journal

After helping Bumble IPO, Tariq Shaukat named co-CEO of $4B coding company

Tariq Shaukat joins Sonar as co-CEO to work alongside Founder and CEO, Olivier Gaudin, to take company through next phase of growth.

Read now >

insideHPC

Former Google Cloud President Tariq Shaukat Joins Sonar as Co-CEO

Sonar announced that Tariq Shaukat has joined the company as co-CEO and a member of the Board of Directors. The company said Shaukat will lead the company with founder and CEO Olivier Gaudin.

Read now >

TechStrong TV

Insecure Code: Software Makers May Be Held Liable with New Legislation

Peter McKee, Head of Developer Relations & Community at Sonar, speaks with TechStrong TV's Alan Shimel about the future of DevOps and the importance of Clean Code.

Listen now >

Forbes

What Large Models Cost You – There Is No Free AI Lunch

The cost of generative AI is hitting businesses. Building and training LLMs can be prohibitively expensive. Sonar's Olivier Gaudin says “LLMs get bigger, not smarter."

Read now >

SD Times

Insecure Code: Software Makers May Be Held Liable with New Legislation

Sonar CMO Manish Gupta covers the Biden National Cybersecurity Strategy, how it places more legal responsibility on software makers, and how Clean Code can help.

Read now >

GovInfoSecurity

Securing Applications, Accelerating DevOps With Clean Code

In this video interview, Sonar CEO & co-founder Olivier Gaudin discusses Clean Code strategies for addressing dirty code and legacy issues, and how to increase output and quality of DevOps teams.

Listen now >

SecurityGuyTV

Discovering Hidden Security Issues in Code with Sonar; Deeper SAST

In this interview, Sonar CEO & co-founder Olivier Gaudin, and Sonar Head of R&D Johannes Dahse, discuss the announcement of deeper SAST and what is Clean Code.

Listen now >

CRN

20 Hottest New Cybersecurity Tools At Black Hat 2023

In this article, vendors showcasing new products are highlighted. Sonar's deeper SAST is featured at number 12.

Read more >

Help Net Security

New infosec products of the week: August 4, 2023

In this article, Help Net Security takes a look at the most interesting products from the week of August 4th, including Sonar's deeper SAST.

Read more >

VMblog

Sonar's New, Powerful Deep-Analysis Capability Finds Hidden Code Level Security Issues

Sonar announced a significant advancement of its Clean Code offering - developers can now automatically discover and fix code security issues with deeper SAST.

Read more >

SD Times

Sonar new SAST tool includes support for thousands of open-source libraries

In this article, Sonar's announcement of deeper SAST is featured. The update to the Sonar platform makes it easier for developers to write Clean Code.

Read more >

Help Net Security

Sonar's new deep-analysis capability discovers and fixes code security issues

Sonar announced a significant advancement of its Clean Code offering – developers can now automatically discover and fix code security issues arising from interactions between user source code and third-party, open-source libraries.

Read more >

The New Stack

Bad Code Stalls Developer Velocity

Sonar's Head of Developer Relations, Peter McKee, covers how a Clean as You Code approach ensures quality cod is developed quickly, without having to backtrack to remediate old errors.

Read more >

The New Stack

What is Clean Code?

Sonar VP of Product, Fabrice Bellingard, details how embracing Clean Code principles enables organizations to enhance the efficiency of their DevOps workflow.

Read more >

Security Week

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely, according to Sonar's vulnerability research team.

Read more >

Dark Reading

Meet the Finalists for the 2023 Pwnie Awards

Sonar vulnerability researchers Thomas Chauefoin and Stefan Schiller receive Pwnie Awards nominations for research on vulnerabilities in Check_mk, and the security of the PHP supply chain and Composer.

Read more >

The Cyberwire

It pays to malvertise. MOVEit vulnerability remediation. Ransomware trends. FSB cyberespionage. Influence operators taken down.

The Cyberwire Daily Briefing newsletter highlights new original research from Sonar that spotlights the millions of dollars businesses lose when they fail to implement an optimal approach for software development.

Read more >

Dark Reading

Apache OpenMeetings Wide Open to Account Takeover, Code Execution

Sonar threat researcher Stefan Schiller shares insights on the three security vulnerabilities found in Apache OpenMeetings.

Read more >

The Hacker News

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

Sonar research team finds multiple security flaws in Apache OpenMeetings that could be potentially exploited to seize control of admin accounts and run malicious code on susceptible servers.

Read more >

RT Insights

In the Era of Modern Apps, Clean Code is Key to Customer Satisfaction

Sonar VP of Products, Fabrice Bellingard, shares how embracing Clean Code practices guarantees that developers can create modern apps that deliver.

Read more >

DZone

Why ORMs and Prepared Statements Can't (Always) Win

Sonar Vulnerability Researcher, Thomas Chauchefoin, writes about several SQL injection vulnerabilities discovered in Soko, a software deployed on the Gentoo Linux infrastructure.

Read more >

The Hacker News

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

Sonar research team uncovers multiple SQL injection vulnerabilities in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems.

Read more >

Security Affairs

Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

Sonar researchers identify two SQL injection vulnerabilities in Gentoo Soko that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems.

Read more >

DevOps Digest

Clean Code and Software Development: Maximizing Efficiency and Maintainability in Uncertain Times

Sonar's Head of R&D, Johannes Dahse, details two ways that Clean Code can help address current challenges developers face today.

Read more >

InformationWeek

DOS Won’t Hunt: Is AI Better Than Low Code/No Code for Developers?

Sonar CEO Olivier Gaudin brings up some points to consider as generative AI becomes part of the software development cycle.

Read more >

DEVOPSdigest

Cleaning as You Code Is the Only Way to Truly Shift Left

In this article, Sonar's Head of R&D covers how to truly shift left, developers must be able to clean-as-they-code.

Read more >

SecurityWeek

Pimcore Platform Flaws Exposed Users to Code Execution

In this article, Sonar's R&D team warns that newly patched vulnerabilities in the Pimcore platform bring code execution risks.

Read more >

DZone

How the Wrong Content Type Introduced a Vulnerability in Odoo

In this article, Sonar's R&D team provides an overview of content types and how a minor error resulted in a vulnerability in Odoo.

Read more >

BuiltIn ATX

Companies Fostering a Sense of Belonging During Onboarding

BuiltIn Austin asked SonarSource, LogicMonitor, Tecovas, Episode Six and Semrush how they make new hires feel welcome.

Read more >

Agile Noir

Clean as You Code with SonarQube

In part three of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about the importance of code quality and how SonarQube can help developers maintain clean code.

Read more >

DZone

Empowering Weak Primitives: File Truncation to Code Execution With Git

In this article, SonarSource's R and D team discusses how they discovered a code vulnerability that allows you to truncate arbitrary files to execute arbitrary commands.

Read more >

BuiltIn ATX

Hiring Now: Sonar Is Building a Team That’s Passionate About Clean Code

This Austin company is building out a team of tech professionals who are passionate about clean code.

Read more >

Agile Noir

SonarQube Helps Development Teams Clean their Code

In part two of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about how SonarQube helps developers clean their code.

Listen Now >

Agile Noir

Why 7 million developers have their code analyzed by SonarQube

In part one of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about why developers have their code analyzed by SonarQube.

Listen Now >

DZone

Malicious Message Leading To E-Commerce Takeover

In this article, Sonar's research and development team presents the root cause analysis of two Cross-Site Scripting bugs.

Read More >

Devops

Avoiding Developer Burnout With Clean Code Best Practices

Employee burnout is common in the tech industry, especially for developers. In fact, 83% of software developers feel burnt out from their work and of those, nearly half of them feel...

Read More >

CyberNews

Southwest Airlines incidents prove companies need to deal with technical debt – now

Thousands of US organizations are running on outdated software. This kind of failure to address technical debt is a recipe for a disaster – and it’s already costing trillions. Clean as You Code to the rescue.

Read More >

Website Planet

Meet SonarSource: Top-Class Solutions For Code Quality Management

Check out this interview with Manish Gupta, CMO at SonarSource, a leading provider of clean code solutions. The interview covers the company’s story, the benefits of using clean code when building websites, and what’s in the future of coders with the recent developments in AI technology.

Read More >

Venture Beat

Source Code Must Become a C-level Priority

Organizations have long realized how important their software is to their business. But they’re now fully realizing just how critical their software’s source code is. Sonar's CEO, Olivier Gaudin, explains.

Read More >

Help Net Security

SonarQube 9.9 LTS Empowers Organizations to Boost the Quality of Their Code

Sonar has launched SonarQube 9.9 Long-Term Support (LTS) that empowers organizations to achieve the Clean Code state securely and at scale.

Read More >

VM Blog

Sonar Launches SonarQube 9.9 LTS to Help Organizations Achieve a State of Clean Code

Sonar has launched SonarQube 9.9 Long-Term Support (LTS). The new release empowers organizations to achieve the Clean Code state quickly, securely, and at scale.

Read More >

Journal of Cyber Policy

Sonar Launches SonarQube 9.9 LTS to Help Organizations Achieve a State of Clean Code

SonarQube 9.9 LTS offers accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.

Read More >

DevOps Digest

SonarSource Launches SonarQube 9.9 LTS

Sonar’s latest 9.9 LTS release introduces key capabilities to enable enterprises to build better software in a sustained manner - with accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.

Read More >

SD Times

SonarQube 9.9 LTS Helps Organizations Produce Clean Code

Sonar’s release of SonarQube 9.9 Long-Term Support (LTS) aims to help organizations clean their code quickly with accelerated pull request analysis, support for building and deploying secure cloud-native applications, and more.

Read More >

Spiceworks

Retain Your Development Talent with The Power of Clean Code

Employee burnout is very common in the technology industry, especially for developers. However, companies can avoid developer burnout with the power of clean code practices, explains Fabrice Bellingard, VP of products at SonarSource.

Read More >

Make Use Of

What Is SonarQube? 5 Key Features for Programmers

Many tools and platforms are available in the programming world, and here’s one you should add to your toolbox: SonarQube. The following key features of SonarQube will help you to overcome your coding difficulties and improve your programming skills.

Read More >

App Developer Magazine

Why Sonar is Growing So Much

Announcing record growth in developer and enterprise customer adoption in FY22, Sonar has added 5,000 paying customers in 11 months, supporting 21,000 enterprise customers including over 75% of Fortune 100 and nearly half of Fortune 500 companies.

Read More >

CPO Magazine

Protect Developer Tools Against Growing Vulnerability Threat

Over the past couple of years, developers have been increasingly targeted by attackers, with dozens of events occurring. These bad actors are targeting devs with the tools they depend on to build code.

Read More >

The Empathetic Marketer

[Podcast] Increasing Audience Reach Using Effective Marketing Strategies with Manish Gupta

Listen as Manish Gupta, Chief Marketing Officer at Sonar, talks about creating intent-based campaigns to get your message across to audiences that are increasingly sensitive to overused marketing ploys.

Listen Now >

Techstrong

[Video] Critical Vulnerabilities in the IT Monitoring Tool

Watch as Stefan Schiller, a vulnerability researcher at SonarSource, explains how SonarSource determined an attacker can escalate to the Checkmk automation user by exploiting an authenticated arbitrary file read in NagVis.

Read More >

Devopsdigest

2023 DevOps Predictions - Part 3

Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2023 - including source code as a key strategic asset.

Read More >

The New Stack

Interest Growing in Dart and Flutter for Mobile

Dart and Flutter are finally getting their day as more software engineers explore using Flutter for mobile app development.

Read More >

Enterprise Security Tech

Exec Threat Overview: CVE-2022-30129

Johannes Dahse, Head of R&D at Sonar, explains a Remote Code Execution vulnerability (CVE-2022-30129) that was discovered in one of the most popular IDEs: Visual Studio Code.

Read More >

Console.Dev

Interview with Olivier Gaudin

CEO of Sonar, Olivier Gaudin, speaks to console.dev about getting into software, the beginnings of Sonar, the company structure, development challenges, tools, clean code, and more!

Read More >

Computer Weekly

SonarSource: Google’s Carbon language is a successor, not a replacement, for C++

Phil Nash explains that, despite popular belief, Google’s open source Carbon programming language is not a strict replacement for C++. The important distinction is that it is intended to be used alongside C++.

Read More >

DZone

JavaOne 2022: Java Continues to Evolve

The Java development team looks at the evolution of hardware and software to innovate and maintain its relationships with the developer community, and insights from the 2022 JavaOne conference.

Read More >

BetaNews

[Q&A] How Clean Code Can Help Developers Prevent Vulnerabilities

Every year, thousands of code vulnerabilities are discovered, patched, and publicly disclosed to improve security for current and potential users. What can developers do to write better code that prevents vulnerabilities from entering their apps and services in the first place?

Read More >

Techstrong

[Video] C++ and the Carbon Programming Language

Watch as Phil Nash, one of the original authors of the C++ test framework and a software engineer for SonarSource, explains how the Carbon programming language created by Google intertwines with C++

Read More >

CRN

Sonar expands the Clean Code movement to Asia Pacific

The leading platform for Clean Code will grow its user community and customer base across the entire region including ASEAN, ANZ, South Korea, China, and India.

Read More >

Dev Insider

[German] 10 unbekannte Sicherheitslücken in Python

Viele Entwickler nutzen Python und vertrauen darauf, dass es einen soliden Security-Level bietet.

Read More >

Bleeping Computer

Zimbra Bug Allows Stealing Email Logins with No User Interaction

Technical details have emerged on a high-severity vulnerability affecting certain versions of the Zimbra email solution that hackers could exploit to steal logins without authentication or user interaction.

Read More >

TechZone360

5 Development Tools Every Tech Engineer Should Have Access To

As a tech engineer, it is vital to have access to the right tools so you can create innovative products that make our lives easier. This blog post will discuss five development tools that every tech engineer should access!

Read More >

Techcrunch

Sonar raises $412M to scan codebases for bugs and vulnerabilities

Sonar, whose technology detects reliability and vulnerability issues in code, announced a funding round leading to a $4.7 billion valuation.

Read More >

Reuters

Coding platform Sonar valued at $4.7 bln after latest funding

Sonar intends to use the funds to double its salesforce this year and expand the company's marketing team across its international offices...

Read More >

MA RTS

[French] La start-up genevoise Sonar lève 412 millions et devient "quadruple licorne"

L'entreprise informatique genevoise Sonar a annoncé une capitalisation de 4,7 milliards de dollars, avec l'arrivée de nouveaux investisseurs américains.

Read More >

Austin American-Statesman

Software company has big plans for Austin, aims to double employee count

Sonar, which operates its U.S. headquarters in Austin, says it is gearing up for growth in Austin after landing a significant infusion of capital...

Read More >

SecurityWeek

CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool

The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution.

Read More >

The Record

Unpatched bug allows takeover of Horde webmail accounts, servers

Discovered by Sonar vulnerability researcher Simon Scannell, the vulnerability has existed in the Horde webmail app since late 2012...

Read More >