4 Leadership Lessons From a $200 Million, Fast-Growing, Profitable Startup
Adapt your business model to scarce capital, build on your strengths, and overcome your weaknesses.
SONAR COVERAGE
The latest in integrated code quality and security coverage
News articles covering Sonar, AI coding, research from the Sonar R&D team, Sonar executive perspective, and more
TechStrong TV
Boosting Developer Innovation: Harry Wang on AI, Software Quality, and Security
Harry Wang, Sonar's Chief Growth Officer, discusses the impact of AI on software quality and security, how to successfully adopt and measure AI, and how AI is being used at Sonar.
Read now >
Security Week
Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday
Sonar's VP of Public Sector, Nathan Jones, offers insight on the new cybersecurity EO and why embedding security directly into the development process with a focus on quality is crucial.
Read now >
The New Stack
Using AI for Test Generation: Powerful Tool or Risky Shortcut?
Sonar Developer Advocate, Jonathan Vila Lopez, details how developers can use AI for test generation effectively, reaping its benefits without compromising code quality.
Read now >
The New Stack
Vibe Coding: Fad, Future or Folly?
Sonar Developer Advocate, Liz Acosta, digs into what vibe coding is, the allure and downside of it, and best practices for developers to harness the power of AI.
Read now >
Building Texas Business
Navigating Innovation and Culture with Clarissa O'Connell and Lynne Doherty
Sonar's CHRO and President of Field Operations sit down with Building Texas Business' host Chris Hanslik to talk about how Sonar is growing in Austin, the company's culture of CODE, Austin as a thriving tech city, and how Sonar is innovating in today's AI landscape.
Read now >
InfoWorld
7 ways to improve your AI coding results
Harry Wang, Chief Growth Officer at Sonar, provides insight on the importance of testing AI-generated code and what the future of software development will look like — human-defined, AI-developed, AI-verified, and human-approved.
Read now >
InfoWorld
What we know now about generative AI for software development
Sonar's CTO, Andrea Malagodi, shares why its importance to take a 'trust and verify' approach to ensure all code—AI-generated or human-written—meets quality and security requirements, and the user experience is not disrupted.
Read now >
Newsweek
Global Most Loved Workplaces 2025
Sonar is recognized as a top 100 global company company for its culture that has employees feeling respected, empowered and inspired to do their best work.
Read now >
InfoWorld
The tough task of making AI code production-ready
SonarQube is recognized as an AI-enhanced quality scanning tool, with its ability to flag and even automatically fix common coding issues before they merge into a project.
Read now >
Forbes
20 Expert Tips For Adopting DevSecOps In Regulated Industries
Sonar CEO Tariq Shaukat shares that, to enable developers to improve the quality and security of all code—human and AI-generated—during the coding process, you need to give developers the right tools. This vastly improves developer productivity and saves countless hours for security teams.
Read now >
AI Tech Park
AITech Interview with Harry Wang, Chief Growth Officer, Sonar
Sonar's Harry Wang details the AI accountability crisis and how Sonar is addressing this issue in the software development industry, how to balance the need for fast development with the importance of maintaining high-quality and secure code, and more.
Read now >
CRN
2025 Women of the Channel
Sonar's President of Field Operations is recognized as a CRN Woman of the Channel for her insight and influence to help drive channel success.
Read now >
CIO.com
Rethinking digital transformation for the agentic AI era
Sonar's Andrea Malagodi shares his perspective on where to evaluate the potential of generated AI.
Read now >
InfoWorld
Knowing when to use AI coding assistants
Sonar Chief Growth Officer Harry Wang shares perspective on AI coding assistants and how they can benefit developers by augmenting their routine and repetitive tasks.
Read now >
Security Boulevard
Data in Danger: Detecting Cross-Site Scripting in Grafana
Sonar Vulnerability Team discusses risks of Cross-Site Scripting (XSS) vulnerabilities within Grafana, reported by SonarQube, and outlines how to detect and mitigate these potential security threats to protect sensitive data.
Read now >
HostingAdvice
Good Vibes or Bad? Experts Weigh In on the AI Trend That Could Shake Hosting Security
Sr. Director of Product & Solutions at Sonar, Manish Kapur, shares insights on vibe coding with AI, emphasizing the need of validating AI-generated code for quality, security, and maintainability.
Read now >
The Edge Singapore
How AI-powered coding is revolutionising software development
Sonar's Marcus Low discusses how AI-powered coding tools are transforming software development by automating tasks, improving code quality, accelerating development cycles, and potentially reshaping the roles of developers.
Read now >
The New Stack
Seven Habits of Highly Effective AI Coding
Sonar CEO Tariq Shaukat writes about seven AI coding “habits” that organizations should adopt to ensure code security and long term maintainability.
Read now >
Fallthrough Podcast
Translating The Law for Software Engineers
Sonar VP of Legal Product & Policy, Luis Villa discusses about EU's Cyber Resilience Act, interpreting the law, legal complexities, artificial intelligence, and more.
Read now >
Built by People
Clarissa O'Connell, Chief Human Resources Officer at Sonar
Sonar CHRO Clarissa O'Connell sits down with host Dave D'Angelo to discuss her career journey, leadership approach, and practices.
Read now >
Open Source Security Podcast
CRA with Luis Villa
Sonar VP of Legal Product & Policy, Luis Villa shares insights on Cyber Resilience Act and the landscape of open source software development for developers.
Read now >
VentureBeat
The risks of AI-generated code are real — here’s how enterprises can manage the risk
Sonar CEO Tariq Shaukat shares insights on the challenge of AI-developed code for enterprises, as Sonar mentioned as a helpful SCA vendor.
Read now >
DEVOPSdigest
Sonar Announces SonarQube Advanced Security
Sonar's upcoming availability of SonarQube Advanced Security is the first step in integrating Sonar’s recent acquisition of Tidelift and its unique, proactive approach to improving third-party code quality and code security.
Read now >
VMblog
Sonar Extends Code Security Coverage with SonarQube Advanced Security
Sonar's new, enhanced security offering, SonarQube Advanced Security, gives developers unprecedented visibility to find and fix security issues as they code.
Read now >
Security Boulevard
Announcing SonarQube Advanced Security
Sonar now provides one integrated code quality and code security analysis solution for all code – first-party, third-party open source, and AI-generated code – with SonarQube Advanced Security.
Read now >
DBTA
Sonar Ushers in Support for Third-Party, Open Source Code Analysis and Security
Sonar unveils SonarQube Advanced Security, delivering the first fully integrated solution for developers to find and fix code quality and code security issues in the development phase of SDLC.
Read now >
DevOps.com
Sonar Combines SAST and SCA Tools in Single Offer
Sonar reveals an offering that combines its Static Application Security Testing (SAST) tool with the software composition analysis (SCA) tools it gained with the acquisition of Tidelift.
Read now >
GigaOm CEO Speaks Podcast
CEO Speaks with Tariq Shaukat
Sonar CEO Tariq Shaukat talks with host Ben Book about his journey in the industry, entrepreneurship, and what being leader in tech means today.
Read now >
SiliconANGLE
Sonar expands SonarQube with advanced security for third-party open-source code
Sonar announces the upcoming release of SonarQube Advanced Security, a new offering that will extend Sonar's analysis capabilities to include third-party open source code.
Read now >
NextTech Today
Sonar Acquires AutoCodeRover to Revolutionize Software Dev
Sonar acquired AutoCodeRover, an AI platform from NUS, to enhance software development with automation and reduced costs, enabling developers to work smarter, faster, and more efficiently.
Read now >
Mirage News
Sonar Acquires AutoCodeRover, Boosts AI Software Dev
AutoCodeRover, an autonomous AI agent platform for software development has been acquired by Sonar to enhance the capabilities and efficiency of software developers.
Read now >
AI Reporter America
Singapore’s NUS-Developed AI Platform AutoCodeRover Acquired by Sonar to Transform Software Development
Sonar's acquisition integrates AutoCodeRover’s AI agent technology into Sonar’s ecosystem, accelerating automated code remediation, enhancing developer efficiency, and creating new R&D jobs in Singapore.
Read now >
NUS NewsSO
NUS-spinoff technology AutoCodeRover acquired by Sonar, accelerating AI-driven software development
Sonar's acquisition of AutoCodeRover highlights the real-world impact of NUS’ research with the innovative platform boosting Sonar’s AI-agent-based code development, driving innovation in software engineering and agentic AI.
Read now >
ALM/Law.com
Fast-Growing DevOps Company Hires CLO With IPO Experience
Sonar hires Eyal Ben David as chief legal officer, bringing aboard a legal executive with deep experience in scaling legal teams.
Read now >
KrASIA
Deals in brief: Edge Tutor and Techcoop raise funding, Airtree Ventures backs Twine, GCL acquires stake in Nekcom Games, and more
Sonar's acquisition of AutoCodeRover strengthens its AI capabilities, enabling automation in debugging, issue remediation, and code refactoring.
Read now >
Forbes
The CEO’s Guide To Pricing: Balancing Value, Cost, And Customer Needs
Sonar CEO Tariq Shaukat shares insights on integrating a pathway with free offerings for customers to access advanced capabilities with free offerings and expanded services as their needs grow.
Read now >
Security Boulevard
8 Reasons to Try SonarQube Free Tier
Sonar highlights 8 features from the SonarQube Cloud Free tier, from extensive language support and advanced security analysis, that are designed to enhance developer experience.
Read now >
Forbes
Sonar Bets On AI Code Automation With AutoCodeRover Acquisition
Sonar’s acquisition of AutoCodeRover marks a strategic move to integrate agentic AI into enterprise software development.
Read now >
Solutions Review
Top Worktech News From the Week of February 21st: Updates from Planview, ECI Software Solutions, Sonar, and More
Sonar's acquisition of AutoCodeRover aims to enhance Sonar’s offering with a “sophisticated” foundation capable of automatically addressing real-world engineering issue.
Read now >
Tech Edition
Sonar acquires AutoCodeRover to boost AI-powered software development
Sonar acquires AutoCodeRover to enhance AI-powered coding, automate debugging, improve security, and speed up software development.
Read now >
AI Tech Park
Sonar Acquires AutoCodeRover to Supercharge Developers with AI Agents
Sonar acquires AutoCodeRover, an autonomous AI agent platform for software development, to amplify the impact of developers and AI agents together to build better, faster.
Read now >
National University of Singapore
The Future of AI in Software Development: How AutoCodeRover is Changing the Game
Abhik Roychoudhury shares his insights on AutoCodeRover, an AI system that not only writes code but also understands, improves, and debugs existing codebases in the changing landscape of software development.
Read now >
TNGlobal
Switzerland's Sonar acquires Singapore's autonomous AI agent platform AutoCodeRover
Sonar's acquisition of AutoCodeRover, one of the pioneering large language model (LLM) agents for coding and code maintenance, to help developers accelerate development with AI agents.
Read now >
Startup Rise
Sonar Acquires AutoCodeRover to Supercharge Developers with AI Agents
Sonar acquires Singapore-based AutoCodeRover to enhance Sonar's offerings in addressing real-world engineering issues such as debugging, issue remediation, and code refactoring.
Read now >
VMblog
Sonar Acquires AutoCodeRover to Supercharge Developers with AI Agents
Sonar announces acquisition of an autonomous AI agent platform for software development, AutoCodeRover, to invest in AI to help developers and organizations build high-quality, secure applications more effectively.
Read now >
DEVOPSdigest
Sonar Acquires AutoCodeRover
Sonar acquires AutoCodeRover, an LLM agents for coding and code maintenance with strong results on SWE-bench, to enhance Sonar's offerings to automatically address real-world engineering issues.
Read now >
e27
Sonar acquires NUS spin-off AutoCodeRover to automate code reviews and debugging
Sonar acquires AutoCodeRover to enhance developer productivity and improve software development processes using AI.
Read now >
TechStrong TV
Harry Wang on Sonar’s Acquisition of AutoCodeRover
Sonar VP of Growth and New Ventures, Harry Wang, speaks with TechStrong TV's Alan Shimel about the acquisition of AutoCodeRover and empowering developers in software development with AI agents.
Read now >
L‘Agefi
Sonar mise sur l'IA avec le rachat d'AutoCodeRover
Geneva Nugget Sonar acquires AutoCodeRover, a Singaporean start-up specializing in AI for bug correction, with integration into SonarQube offerings to improve code quality.
Read now >
CIO
Sonar analyzes code for quality, security metrics for developer teams
Harry Wang, VP of Growth and New Ventures at Sonar sits down with the host Keith Shaw to highlight key features of the SonarQube offerings, including quality gate, generative AI fix, and more.
Read now >
SiliconANGLE
Sonar buys AutoCodeRover to enhance its code quality tools with autonomous AI agents
Sonar acquires AutoCodeRover to integrate with SonarQube's AI-powered tools and enable its customers to automate tasks such as debugging and issue remediation with AI agents.
Read now >
Austin American-Statesman
Austin software development company Sonar acquires autonomous AI agent
Sonar CEO Tariq Shaukat discusses integrating AI agents to assist developers' code and better address engineering issues by acquiring AutoCodeRover.
Read now >
AI Today
AutoCodeRover Deal to Drive Sonar’s AI-Powered DevOps Growth
Sonar VP of Growth and New Ventures Harry Wang shares insights with ISMG's Michael Novinson on acquiring AutoCodeRover to embed AI-driven software remediation, address technical debt, and supercharge developers.
Read now >
Enterprise Times
Sonar acquires AutoCodeRover to boost code quality capabilities
Sonar announces the acquisition of AutoCodeRover, the autonomous AI agent platform for software development, to deliver strong AI capabilities for code quality and security.
Read now >
Security Boulevard
SonarQube Server Wins DEVIES Award for Code Testing & Quality Management
Sonar receives recognition from the 2025 DEVIES Award, with the SonarQube Server honored in the DevOps: ode Testing & Quality Management category for delivering top-tier code quality and security solution.
Read now >
Tracxn
List of 12 unicorn startups in Switzerland (Feb, 2025)
Sonar has been named one of Switzerland's highly innovative unicorn startups for applications and services providing automated code quality analysis and code review solutions.
Read now >
Security Boulevard
Sonar Earns SOC 2 Type II Compliance
Sonar has been certified as SOC (Service and Organization Controls) 2 Type II Compliance, assurance of security, confidentiality, and availability in meeting top industry data protection standards to maintain trust of our users.
Read now >
Security Boulevard
9 More Reasons to Upgrade to SonarQube Server 2025.1 LTA
Sonar details 9 features from the latest SonarQube Server LTA, from auto-provisioning to importing external issue reports, that can upgrade developers' experience.
Read now >
SC Media
1-click RCE possible by combining vulnerabilities in Voyager PHP
Sonar Vulnerability Research reports three flaws that could result in one-click remote code execution (RCE) in the Voyage open-source PHP admin panel, followed by discovering additional bugs in further research.
Read now >
The Hacker News
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
Sonar Vulnerability Researcher discovers three security flaws in the open PHP package Voyager that attackers could exploit to execute arbitrary orders on the server when an authenticated user clicks on a malicious link.
Read now >
VMblog
Sonar 2025 Predictions: Ensuring Code Quality in the Age of AI
Sonar CIO Andrea Malagodi shares perspectives on embracing automated testing tools and a "trust and verify" approach to ensure quality and security stay intact as they should take center stage for organizations under AI code generation in 2025.
Read now >
DBTA
Sonar Empowers Developers with SonarQube Server LTA Release to Integrate AI in the Software Development Lifecycle
Sonar introduces advanced features and enhancements in the SonarQube Server LTA, accelerating safe AI adoption in SDLC and enhancing security measures and analysis speed.
Read now >
AI Tech Park
Sonar Supercharges Developers with SonarQube Server LTA Release
Sonar delivers powerful AI capabilities, sophisticated security improvements, and streamlined developer productivity in its latest SonarQube Server 2025. 1 LTA to enhance code security and improve overall software quality.
Read now >
DEVOPSdigest
Sonar Introduces SonarQube Server LTA Release
Sonar's latest SonarQube Server 2025.1 LTA introduces a range of advanced features and enhancements, including AI capabilities, security measures, and language support, designed to integrate the use of AI in the Software Development Lifecycle (SDLC)
Read now >
Security Boulevard
SonarQube Server 2025.1 LTA Release Announcement
Sonar releases new SonarQube Server LTA to supercharge developer productivity with high-impact AI enhancements, security innovations, new language support and more.
Read now >
Weirdware
Code quality company Sonar to acquire Tidelift supply chain security
Sonar acquired Tidelift to incorporate open-source libraries into its coverage, delivering a complete solution for code quality and security.
Read now >
Built In
86 Software Companies in Austin You Should Know
Sonar is listed as a software company that helps developers and engineers accomplish tech innovations in Austin, providing tools to build software products that meet clean code standards.
Read now >
Built In
51 Top Tech Companies in Texas You Should Know
Sonar is recognized as a top tech company in Texas by Built In for its developer tools and open-source solutions that help reduce technical debt.
Read now >
DevOps.com
How CIOs can Implement and Execute an Effective AI Coding Strategy
Sonar's CIO, Andrew Malagodi, shares strategic approaches to using AI, including "trust and verify" and standardization, to enhance developers' productivity in software development and drive business success.
Read now >
Security Boulevard
SonarQube for IDE: Our journey this year, and sneak peek into 2025
The SonarQube for IDE team highlights the enhancements made in 2024 to improve the developer experience and more to come, such as new language analysis, in 2025.
Read now >
The New Stack
Code Quality Becomes Even More Vital in the AI Era
Sonar Developer Advocate, Jonathan Vila, shares advice on using automated tools and best practices, like the "start left" approach, to prevent bad code and enhance productivity and security in software development.
Read now >
SC Media
Cybersecurity in 2025: Agentic AI to change enterprise security and business operations in year ahead
Tariq Shaukat, CEO of Sonar, predicts that software will become a critical business asset as AI-generated software development continues to gain steam and how the "trust and verify" approach can help.
Read now >
Tech Times
Top 5 Best Static Code Analysis Tools in 2025
In this article, SonarQube is acknowledged as a top static code analysis tool for outstanding features designed to ensure high-quality code, including AI-powered tools and support for 30+ programming languages.
Read now >
SC Media
2025 Forecast: AI to supercharge attacks, quantum threats grow, SaaS security woes
Sonar CIO Andrea Malagodi shares insights on how AI-generated code and testing tools can amplify developers' productivity with a "trust and verify" approach.
Read now >
The New Stack
AI-Generated Code Requires a ‘Trust and Verify’ Approach
Sonar's Manish Kapur shares insights about integrating AI coding assistants into the developer workflow with the help of automated tools like SonarQube.
Read now >
DEVOPSdigest
2025 DevOps Predictions - Part 3
Sonar CEO Tariq Shaukat shares his prediction of how more organizational leaders will put "software as a critical business asset" to the top of their agenda.
Read now >
PitchBook
Global exit & IPO news for December 19, 2024
Sonar included in the daily global exit update for acquiring Tidelift, extending it's scope of coverage for improving the state of open source software and raising the bar for code quality and security everywhere.
Read now >
The CyberWire
Business Briefing for 12.18.24
Sonar's acquisition of Tidelift to extend coverage and improve open-source software mentioned in the weekly wrap-up of business news.
Read now >
Techzine
Google connects Gemini Code Assist to third-party code repositories
Sonar is incorporated as a partner with SonarQube in Google's Gemini Code Assist ecosystem.
Read now >
Fortune Term Sheet
Founder of travel tech startup Nuitée raised $48 million for its next phase; Sonar acquires Tidelift
Sonar's acquisition of Tidelift mentioned in the weekly Fortune Term Sheet newsletter.
Read now >
Newsweek
Newsweek Excellence Index 2025
Sonar is ranked in the Excellence 1000 Index 2025 by Newsweek and Best Practice Institute for leading business excellence and commitment to ethical practices in the Information Technology industry.
Read now >
InfoRiskToday
Sonar Expands to Third-Party Code Security with Tidelift Buy
Sonar's VP of Growth and New Venture, Harry Wang, shares how Sonar's ecosystem expands with the Tidelift acquisition, incorporating human-verified intelligence with the existing software development and security tools.
Read now >
SiliconANGLE
Sonar acquires open source security specialist Tidelift
Sonar acquires Tidelift to expand scope of coverage and bring human-verified open source software vulnerability intelligence to users.
Read now >
DEVOPSdigest
Sonar to Acquire Tidelift
Sonar CEO Tariq Shaukat discusses including open source software to improve code quality by acquiring Tidelift.
Read now >
DevOps.com
Sonar Acquires Tidelift to Extend DevSecOps Reach Into Open Source Software
Sonar's VP of Growth and New Venture, Harry Wang, shares insights on how the integration with Tidelift will support secure code production on AI platforms.
Read now >
InfoWorld
Gemini Code Assist tools target developer productivity from within IDEs
Sonar is collaborating with Google on the launch of new tools to support Gemini Code Assist.
Read now >
eWeek
Sonar’s Harry Wang on AI Software Development: “Trust and Verify”
Harry Wang, VP of Growth and New Ventures at Sonar, sits down with host James Maguire to discuss Sonar's "start-left" approach for code quality and the future for AI adoption in software development.
Read now >
DEVOPSdigest
Exploring the Power of AI in Software Development - Part 17: 2025 Predictions and Beyond
Sonar CIO Andrea Malagodi predicts the role of code-testing tools in software development and business goals in the coming year.
Read now >
Security Boulevard
Software and AI in 2025 — Sonar Perspectives on What’s to Come in the New Year
Sonar leaders share forecasts for the coming year regarding software development, from code security to business success, in the growing adoption of generative AI.
Read now >
Eye on AI Podcast
#224 Tariq Shaukat: How Safe Is AI-Assisted Coding?
Sonar CEO Tariq Shaukat speaks to Eye on AI host Craig Smith about the importance of AI-driven approaches and Sonar's efforts to address the challenges of AI-generated code for businesses.
Read now >
DEVOPSdigest
Exploring the Power of AI in Software Development - Part 15: 2025 Predictions and Beyond
Sonar CEO Tariq Shaukat shares his insights on code accountability and the " trust and verify" approach to working with AI in 2025.
Read now >
TechStrong TV
AI Integration in Software Development with Harry Wang at AWS re:Invent 2024
Sonar speaks with TechStrong TV about adapting to AI-generated code, improving issue resolution, and maintaining high code quality standards during development.
Read now >
DataBreach Today
Code Fast, Verify First: The Developer's Dilemma
Sonar's Manish Kapur discusses strategies for developers to integrate generative AI coding assistants while maintaining code quality.
Read now >
Security Boulevard
The new SonarQube free tier is here
Sonar offers free tier for SonarQube, allowing developers to discover key features contributing to clean code with easy integration and broad language support.
Read now >
Security Boulevard
SonarQube Server 10.8 Release Announcement
SonarQube Server 10.8 release brings new and exciting capabilities such as powerful AI enhancements for code quality, different operating modes to match business needs, and more.
Read now >
Dev Interrupted
The AI Shift: Preparing for What’s Next
Sonar's VP of Product, Fabrice Bellingard, discusses the tools and approaches necessary to reshape developer workflows in the age of AI.
Read now >
HostingAdvice
Introducing New AI Tools from a Leader in Code Quality (And Yes, It’s Designed to Make the Dev Process Even Easier)
Sonar CEO Tariq Shaukat and VP of Product Fabrice Bellingard share new SonarQube capabilities that support leveraging genAI.
Read now >
CIO
5 dead-end IT skills — and how to avoid becoming obsolete
Sonar CIO Andrea Malagodi shares his insights on the IT landscape and how AI is affecting everything.
Read now >
SiliconANGLE
Safety and reliability concerns temper agentic AI mania
Sonar's Harry Wang, VP of Growth and New Ventures, shares his perspective on if we are at the autonomous stage yet of AI agents.
Read now >
Bloomberg Disruptors Podcast
Sonar's Opportunity in Clean Code For Business
Sonar CEO Tariq Shaukat speaks with Bloomberg Intelligence analyst Niraj Patel to dive into the details of Sonar’s scale in handling trillions of lines of coding, its addressable market size, disruptions from genAI, and more.
Read now >
Security Boulevard
How to Trust AI Contributions to Your Codebase
As AI becomes more integrated into the SDLC, maintaining trust in your codebase requires new strategies and tools. Sonar's Anirban Chaterjee details how to build AI accountability and how Sonar can help.
Read now >
DevOps
DevOps Dozen 2024 – Tools & Services Finalists
Sonar has been announced as a finalist in two categories of the DevOps Dozen awards, in the Best application of AI in DevOps Tool/Platform for its new AI capabilities and in the Best Testing Service/Tool for SonarQube.
Read now >
InfoWorld
Foundry announces the 2024 InfoWorld Technology of the Year Award finalists
Sonar has been announced as a finalist for the InfoWorld Technology of the Year Awards, in the Devops: Code Quality category.
Read now >
Business World
AI-generated code may expose businesses to security issues
GM & VP of APJ at Sonar, shares how, to mitigate risks with AI, code generation tools must be used responsibly with proper human oversight.
Read now >
The Manila Times
Alleviating concerns in adopting generative AI code
Marcus Low, GM & VP of APJ at Sonar, discusses Sonar's new AI capabilities for code assurance, the risks associated with autonomous AI agents generating code, and more.
Read now >
BFM 89.9
Building Strong Software Foundations with Clean Code
Marcus Low, GM & VP of APJ at Sonar, shares the unique challenges Malaysian developers face in implementing Clean Code practices and the evolving role of software companies in Malaysia’s economy.
Read now >
IT Brew
AI usage in software development a double-edged sword, experts tell IT Brew
Harry Wang, VP of Growth and New Ventures, provides insight on the direction of the software tooling space and the potential AI presents.
Read now >
DEVOPSdigest
Exploring the Power of AI in Software Development - Part 8: Adoption
Harry Wang, VP of Growth and New Ventures, shares his prediction on the impact of AI coding assistants.
Read now >
DEVOPSdigest
Exploring the Power of AI in Software Development - Part 7: Maturity
Sonar Head of R&D, Johannes Dahse, shares how quality checks and assurances will need to be in place next year as the use of AI-generated code grows.
Read now >
Built In
Code Quality Company Sonar Hires VP of Federal Government Sales
Sonar appoints Nathan Jones to VP of Federal Government, to lead the companies federal business and expand the team in D.C.
Read now >
Built In
20 Companies Where Product Teams Are Leading Innovation
Sonar's product team receives recognition for driving innovation and new SonarQube offering capabilities, AI Code Assurance and AI CodeFix.
Read now >
Newsweek
UK's Most Loved Workplaces 2024 - Newsweek Rankings
Sonar receives acknowledgment in the Newsweek UK's Most Loved Workplaces for the year.
Read now >
DEVOPSdigest
Exploring the Power of AI in Software Development - Part 4: Challenges
Andrea Malagodi, CIO of Sonar, gives his thoughts on how we will see an increased focus on code quality and security as AI produces more lines of code quickly.
Read now >
DEVOPSdigest
Exploring the Power of AI in Software Development - Part 3: Advantages
Sonar Developer Advocate, Jonathan Vila, shares his prediction on how AI coding assistants will affect software development next year.
Read now >
TechRound
Meet Harry Wang, PhD, Vice President Growth & New Ventures at Sonar
Sonar speaks with TechRound about what differentiates Sonar and how, in the age of AI, it is more critical than ever that companies invest in code quality and security.
Read now >
The New Stack
C# Logging Key Considerations with .NET
Sonar Product Manager Denis Troller discusses the importance of C# logging, the most common mistakes, and how to avoid them.
Read now >
AI Tech Park
Nathan Jones Joins Sonar as VP of Federal Government
New VP of Federal Government at Sonar, Nathan Jones, to lead enablement of Federal organizations and their development teams to accelerate code quality and security efforts.
Read now >
ChannelE2E
Channel Brief: Pia Launches AI Features for MSPs
Sonar appoints Nathan Jones to VP of Federal Government to lead expansion of the business space and expand the company's dedicated team in the D.C. area.
Read now >
BBC
The green software that could make big carbon savings
Sonar CEO, Tariq Shaukat, shares his thoughts on sustainable software development.
Read now >
DevOps
Sonar Details OpenAPI Generator Flaw That Creates Source Code Vulnerability
Sonar Vulnerability Research team discovered a flaw in OpenAPI that makes it possible for cybercriminals to both read and delete files and files stored in a write directory.
Read now >
The Stack Overflow Podcast
The new pair programming: an AI agent that cleans your code as you write
Sonar CEO Tariq Shaukat speaks to Stack Overflow host Ben Popper about AI coding tools’ potential to boost developer productivity—and how to balance it against code quality and security concerns.
Read now >
The New Stack
Encoding Differentials: Why Charset Matters
Sonar Vulnerability Researcher details why charset differentials matter when it comes to security.
Read now >
DEVOPSdigest
Sonar Acquires Structure101
Sonar acquired Structure101 to further the company's promise of enabling all developers and organizations to improve the quality and security of their code, whether AI-generated or human-written.
Read now >
DEVOPSdigest
Sonar Releases SonarQube 10.7
Sonar released SonarQube 10.7 with AI-driven features and expanded support for new and existing languages and frameworks.
Read now >
HostingAdvice.com
The Ultimate Guide to Writing Software Without Losing Your Mind
With Sonar's suite of solutions, developers can ensure they deliver high-quality code that is reliable, maintainable, and secure.
Read now >
Back End News
GenAI transforms software development but keeps human coders essential
Sonar's Marcus Low, GM & VP of APJ, shares his insights around how generative AI is impacting software development.
Read now >
ETCIO SEA
AI's Impact on Software Development: Prioritise Code Quality and Security
How can companies accelerate software development and coding capabilities while ensuring quality, secure code? Sonar's GM & VP of APJ, Marcus Low, shares how adopting a "start left" approach can help.
Read now >
InfoRisk Today
Sonar Adds Code Architecture Insights With Structure101 Buy
Sonar acquires Structure101 to help address structural design problems that affect long-term maintainability of software for organizations.
Read now >
DBTA
Sonar Boosts Code Reliability, Maintainability, and Security with Latest Acquisition
Sonar announces the acquisition of Structure101, a pioneer in code structure analysis, to enhance its offering with the identification of potential structural issues as code is written.
Read now >
FutureCIO
Sonar released new product capabilities to support software development
Designed to support better software development in the age of AI, Sonar introduces AI Code Assurance and AI CodeFix.
Read now >
ComputerWeekly
Sonar: AI-assisted code or not, developers must ‘start left’
As the software landscape continues to evolve, how can companies ensure that their code is clean, secure, and without bugs? Manish Kapur, Sr. Director of Product & Solutions, writes about the need to 'start left'.
Read now >
The New Stack
Deno 2.0, Angular Updates, Anthropic for Devs, and More
Sonar's announcement of new capabilities, AI Code Assurance and AI CodeFix, mentioned in weekly news roundup for helping to address growing code accountability issue.
Read now >
CIO.com
6 enterprise DevOps mistakes to avoid
DevOps success in complex enterprise environments can be elusive. Sonar's CIO, Andrea Malagodi, shares his perspective on this, with the increased use of genAI.
Read now >
ComputerWeekly
Sonar: AI-assisted code or not, developers must ‘start left’
More code is being written, but how can companies ensure that it is clean, secure and without bugs? Sonar's Manish Kapur writes about taking 'shift left' a step further, to 'start left'.
Read now >
FutureCIO
Sonar released new product capabilities to support software development
Sonar launched two new product capabilities, Sonar AI Code Assurance and Sonar AI CodeFix, designed to support better software development.
Read now >
Wall Street Journal
California’s AI Safety Bill Is Dead, but the Regulation Debate Lives On
Sonar CIO, Andrea Malagodi, provides perspective that there is to be reasonable friction expected between innovation and safety with generative AI.
Read now >
Enterprise AI World
Sonar Introduces New Capabilities to Improve the Quality of AI-Generated Code
Sonar introduces AI Code Assurance to help organizations ensure the quality of genAI code and AI CodeFix to enable developers to seamlessly resolve issues detected by Sonar's code analysis engine with a single click.
Read now >
SecurityBoulevard
Announcing Sonar Support for Dart: Elevate Your Code Quality
Sonar provides new support for the Dart programming language, empowering Dart developers to build mobile apps with Flutter or web applications.
Read now >
Built In
Hiring in Austin: 4 Teams Who Value Learning and Growing Together
Lauren Janetatos, Director of Learning, Growth and Culture at Sonar, shares her perspective on company culture and why she defines it as "driven".
Read now >
RT Insights
Real-time Analytics News for the Week Ending October 5
Acknowledgment of Sonar's announcement of new capabilities, AI Code Assurance and AI CodeFix, for SonarQube Server to ensure quality, secure code.
Read now >
SecurityBoulevard
SonarQube Server 10.7 Release Announcement
Sonar releases SonarQube Server 10.7 with new AI capabilities, STIG and CASA security reports, early access for Dart language rules, new PyTorch Library and Jupyter Notebooks support, and more.
Read now >
Marktechpost
Top 20 Code Review Tools for Software Developers
SonarQube Server is listed as a top solution for its continuous inspection of code quality, with support for over 30 programming languages.
Read now >
ChannelE2E
Channel Brief: Salesforce Launches Tableau Einstein Alliance, Reltio Intros New Partner Program
Sonar adds two new AI-driven clean code features to improve the quality of code produced by generative AI and enhance its offering with AI to deliver a better developer experience, respectively.
Read now >
insideAI News
Sonar to Improve the Quality of AI-Generated Code, Provide Automated Fix Recommendations
With Sonar's new capability AI Code Assurance, organizations ensure that AI written code receives the high level of quality and security review that you would expect from your developers.
Read now >
aiTechPark
Sonar announced two new product capabilities
Sonar AI Code Assurance and Sonar AI CodeFix deepen the company's commitment to the delivery of high-quality, secure code and increasing developer productivity.
Read now >
DEVOPSdigest
Sonar Introduces AI Code Assurance and AI CodeFix
New capabilities available in SonarQube Server, Sonar AI Code Assurance and Sonar AI CodeFix, improve the quality of code produced by genAI and enhance Sonar’s offering with AI to deliver better DevEx, respectively.
Read now >
Unite.AI
Sonar Unveils AI Code Assurance and AI CodeFix: Elevating Security and Productivity for AI-Generated Code
Sonar has unveiled two new capabilities for SonarQube Server — AI Code Assurance and AI CodeFix — designed to help organizations safely harness the power of AI coding assistants.
Read now >
AiThroity
Sonar to Improve the Quality of AI-Generated Code, Provide Automated Fix Recommendations
Sonar announces two new product capabilities for today’s AI-driven software development ecosystem, AI Code Assurance and AI CodeFix.
Read now >
BetaNews
New tools help ensure quality of AI-generated code
Sonar releases AI Code Assurance and AI CodeFix, deepening the company's commitment to improving DevEx and increasing productivity to support the delivery of better code.
Read now >
DevOps.com
Sonar Adds AI Tools to Identify Issues and Fix Code Created by Machines and Humans
Sonar launches AI Code Assurance to analyze issues in code generated by coding assistants, and AI CodeFix to provide AI-powered resolution recommendation for flagged code.
Read now >
World of Software
Sonar now inspects AI-generated code for glitches – News
Sonar addresses the rapidly growing market for AI code assistants by launching AI Code Assurance for inspecting genAI code and AI CodeFix for solution suggestions to flagged issues.
Read now >
SiliconANGLE
Sonar now inspects AI-generated code for glitches
Sonar launches two new capabilities respecitively for SonarQube Server – AI Code Assurance and AI CodeFix – to ensure quality, secure code whether AI-generated or written by developers.
Read now >
Newsweek
Global Most Loved Workplaces® 2024
Newsweek, per a partnership with the Best Practices Institute, acknowledges the top 100 most loved global companies, including Sonar.
Read now >
ChannelE2E
Sonar’s Jim DeCarlo: ‘Less Complexity, More Profitability’
Sonar VP of Channel for the Americas, Jim DeCarlo, shares insights on the channel and how partners are well positioned to support customers that are integrating genAI.
Read now >
TechTarget
8 KPIs to reduce technical debt
How can project stakeholders and IT leaders manage and reduce technical debt? Setting KPIs and having the right tools, like SonarQube Server, to assess and measure are critical.
Read now >
BetaNews
It’s time to treat software -- and its code -- as a critical business asset
The cost of bad code is enormous and leaders must consider its impact on their business success, particularly with the rise of AI coding assistants.
Read now >
SD Times
Dirty code still runs, and that’s not a good thing
Sonar VP of Product, Fabrice Bellingard, covers how the right testing and analysis ensures a solid software foundation of quality, secure code.
Read now >
TechRepublic
Two-Thirds of Security Leaders Consider Banning AI-Generated Code, Report Finds
AI coding assistants help improve developer experience and productivity, but organizations still need to ensure proper security checks to prevent issues and outages.
Read now >
TechRepublic
AI-Generated Code is Causing Outages and Security Issues in Businesses
Sonar CEO, Tariq Shaukat, shares insights on AI code reviews, why verifying AI-generated code is critical, and the need for business leaders to take this seriously.
Read now >
The "Dear Future CRO" Podcast
From Developer to Sales Leader: Lynne Doherty's Unconventional Path to Success
Sonar's President of Field Operations chats about her career from developer to sales leader and how she advocates for creative disruption and accountability.
Read now >
ComputerWeekly
How Sonar is elevating code quality in the age of AI
Expanding into the Asian market, Sonar’s code quality platform helps developers maintain secure, high-quality code amid the rise of AI-based coding assistants.
Read now >
The New Stack
Take the ‘Shift Left’ Approach a Step Further by ‘Starting Left’
Performing analysis and code reviews earlier in development is a popular mindset, but it should be to “start left,” not impose the burden later on.
Read now >
TechRound
Top 7 Unicorns in Switzerland
Sonar is named a top unicorn in Switzerland
Read now >
McKinsey
The gen AI skills revolution: Rethinking your talent strategy
The skills and practices needed for software teams to succeed are changing with AI. Having the right tools in place, such as SonarQube Server, is critical for reducing potential risk.
Read now >
GovInfo Security
SQL Injection: A High-Value Target for Attackers
Sonar Vulnerability Researcher Paul Gerste sits down with ISMG's Michael Novinson on the need for developer training to combat SQL injection.
Read now >
Dev Interrupted Podcast
Finding the Best Gen AI Use Case for Your Dev Team
Host Dan Lines sits down with Sonar's VP of Developer Relations and Community to discuss benefits and risks associated with GenAI and how impactful it is for junior and senior developers.
Read now >
The New Stack
Level Up Your Software Quality With Static Code Analysis
How can companies have confidence in their software? Sonar's Robert Curlee details how to level up code development with static code analysis.
Read now >
InformationWeek
3 Ways Organizations Can Measure and Monitor the Impact of AI
Sonar CIO, Andrea Malagodi, writes about the need for organizations to understand how AI is contributing to workflows and their business.
Read now >
Cyber Security News
10 Best Code Security Tools in 2024
Sonar's solution, SonarQube Server, is ranked at two out of 10 for best code security tools of the year.
Read now >
Built In
44 Top Tech Companies in Texas You Should Know
Sonar is recognized as a top tech company in Texas, by Built In, for its innovation and growth.
Read now >
DevOps Tool Chain Podcast
Leveraging AI for Secure DevOps
Sonar VP of Developer Relations and Community talks about how to achieve secure, quality code whether generated by AI or written by developers.
Read now >
The Wall Street Journal
Why AI Risks Are Keeping Board Members Up at Night
Sonar CEO Tariq Shaukat shares how it's critical to understand AI
Read now >
Continuous Delivery Podcast
Empowered Developers Write Clean Code, Tom Howlett, Head of Product at Sonar
Tom Howlett, Head of Product Management at Sonar, discusses the idea of 'start left', AI in software development, static code analysis, and more.
Read now >
Built In
80 Software Companies in Austin You Should Know
Sonar receives acknowledgment as an Austin software company 'to know' for its developer-centric solution that enables quality and secure code development.
Read now >
Forbes
Successful CEOs Lead To Serve
Sonar founder Olivier Gaudin shares his perspective on why its critical that your mission aligns with the community you serve.
Read now >
Help Net Security
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)
Sonar vulnerability researcher Oskar Zeino-Mahmalat shares his insights on two cross-site scripting vulnerabilities affecting Roundcube that could be exploited by attackers.
Read now >
Tech Coffee House
Sonar Launches New SonarQube Cloud Plans to Empower Developers with Clean Code Solutions
Sonar expands its SonarQube Cloud offering with the introduction of two new plans: SonarQube Cloud Enterprise and SonarQube Cloud Team; fully managed SaaS solutions to enhance the quality and security of code.
Read now >
The SalesStar Podcast
Episode 208: B2B revenue and GTM practices with Lynne Doherty, President of Field Operations at Sonar
Lynne Doherty, President of Field Operations at Sonar, joins the SalesStar podcast in this episode to chat about a few proven B2B revenue and GTM practices.
Read now >
Built In
22 DevOps Companies to Know
Sonar is ranked among Built In's list of top 22 DevOps companies to know.
Read now >
InformationWeek
Should Today’s Developers Be More or Less Specialized?
Sonar CIO Andrea Malagodi comments on how having a broader skillset can be an advantage in building a software development career.
Read now >
DEVOPSdigest
Sonar Introduces SonarQube Cloud Enterprise and Team Plans
New SonarQube Cloud plans ensure developer teams can leverage it as their needs grow, to continuously reduce risk exposure at all levels and sustain software performance, growing business through systematic development and delivery.
Read now >
Security Boulevard
Now Introducing, SonarQube Cloud Enterprise and SonarQube Cloud Team
Sonar launches Enterprise and Team plans for its SaaS offering SonarQube Cloud, empowering development teams of all sizes to deliver Clean Code with confidence.
Read now >
Expert Insights
The Top 10 Application Security Testing Solutions
Sonar is listed as a top 10 solution for its ability to enhance readability of both AI-generated and human-written code, as well as its integration capabilities.
Read now >
InfoWorld
How to choose the right low-code, no-code, or process automation platform
Sonar's VP of Developer Relations and Community comments on using low- or no-code platforms for software development.
Read now >
DZone
AI vs. Human: Who Detects Bugs Better?
SonarQube Server is noted as a popular solution to detect bugs in AI-generated code with its static code analysis capabilities.
Read now >
The New Stack
Back to the Basics: Understanding Source Code
Sonar Product Manager, Robert Curlee, covers the importance of quality, secure code and the logic and design patterns of coding principles.
Read now >
CIO
5 IT risks CIOs should be paranoid about
Sonar's CIO, Andera Malagodi, comments on how AI risks can worsen the problem of bad code by not prioritizing quality.
Read now >
Software Engineering Daily
C++ Static Analysis with Abbas Sabra
Sonar Principal Engineer Abbas Sabra talks with the host of Software Engineering Daily about static code analysis and C++ and new Sonar features such as auto-configuration.
Read now >
InformationWeek
Is GenAI an Existential Risk to Low Code/No Code?
Sonar's VP of Developer Relations and Community comments on the power of LLMs and Artificial General Intelligence (AGI).
Read now >
Built In
What Is an Integrated Development Environment (IDE)?
Sonar Developer Advocate Quazi Nafiul takes it back to basics, covering what is an IDE and how to pick the right one.
Read now >
The Hacker News
Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service
Sonar Vulnerability Research team unveils four discovered security flaws in Gogs that could permit an attacker to execute arbitrary commands.
Read now >
SC Media
Gogs vulnerabilities may put your source code at risk
While analyzing the Gogs for self-hosting source code, Sonar Vulnerability Research team discovered four flaws that could enable attackers to steal, modify or delete valuable source code.
Read now >
The New Stack
5 Clean Code Tips for Reducing Complexity
Sonar product manager John Clifton covers how reducing cognitive complexity is key to helping write secure, maintainable, and reliable code.
Read now >
The Channel Pro Network
Channel Career Tracker: Q2 2024
Sonar's President of Field Operations, Lynne Doherty, is highlighted among other channel industry leaders, noted for her outstanding record leading high-performing GTM organizations.
Read now >
Built In
40 Software Companies in London to Know
Sonar is noted by Built In as a London software company that's driving progress across industries.
Read now >
Security Boulevard
The True Cost of Bad Code in Software Development
How does bad code impact organizations and how can it be overcome? Proactive measures and the right solutions, such as SonarQube Server.
Read now >
The New Stack
Technical Debt Continues To Mount – Here’s How To Solve It
How can technical debt be addressed? With a culture of clean code – promote continuous improvement that streamlines workflows and gives stakeholders insight to make informed decisions.
Read now >
Security Boulevard
SonarQube Server 10.6 Release Announcement
SonarQube Server 10.6 release includes significant changes such as autoscaling in Kubernetes, C and C++ projects are auto-configurable, the ability to run the solution in a FIPS-enforced environment, and more.
Read now >
Built In
21 Tech Companies in Singapore to Know
Built In recognizes Sonar as a prominent company in Singapore, along with other well-known companies, such as Amazon and Razer.
Read now >
InformationWeek
Delving Into the Risks and Rewards of the Open-Source Ecosystem
Open source software fuels the digital world, but how can enterprises manage its risks? Sonar Developer Advocate comments on how open source technologies are the foundations of the digital world.
Read now >
SC Media
Arbitrary code execution likely with Mailcow vulnerabilities
Two medium-severity vulnerabilities were found in Mailcow by Sonar's Vulnerability Research team.
Read now >
The Hacker News
Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
Sonar Vulnerability Research team discovers two security vulnerabilities in the Mailcow open source mail server suite that could be exploited by malicious actors.
Read now >
TechStrong.ai
AI Leadership Insights: Clean Code
Sonar Head of Developer Relations and Community shares insight around the value of Clean Code in the age of AI.
Read now >
TechZine
Sonar developer lead: Programming past the pitfalls with AI-generated code
Sonar Head of Developer Relations and Community discusses how AI can unlock developer bandwidth, but only when generated code is properly checked.
Read now >
Cloud Native Now
Docker Survey Surfaces Complex Application Development Landscape
Survey by Docker finds that SonarQube Server is one of the most widely used security tools for application development.
Read now >
SDxCentral
Sonar and AWS Expand Collaboration to Drive Adoption of Clean Code Practices
Sonar has furthered its AWS partnership with the integration of SonarQube Cloud to Amazon Code Catalyst, in addition to achieving AWS FTR certification.
Read now >
SD Times
SonarQube Cloud integrates with Amazon CodeCatalyst to promote Clean Code practices
SonarQube Cloud is integrated with Amazon CodeCatalyst to help improve the development process for cloud-based applications.
Read now >
InfoWorld
Advanced CI/CD: 6 steps to better CI/CD pipelines
Sonar Head of Developer Relations and Community comments on the need to combine unit testing and static code analysis for better DevOps.
Read now >
CIOReview
Sonar Delivers Clean Code Solution SonarQube Server Through Google Cloud Marketplace
Sonar makes its self-managed solution SonarQube Server available on Google Cloud marketplace, enabling companies to accelerate DevOps transformation in the cloud and more.
Read now >
DEVOPSdigest
SonarQube Server Now Available on Google Cloud Marketplace
SonarQube Server is now available on Google Cloud Marketplace, enabling organizations to accelerate DevOps, modernize software development workflows, and deliver higher-quality, secure applications.
Read now >
Tech World with Milan
Enabling High-Quality Code in .NET
SonarQube Server is listed as a go-to tool for ensuring high-quality code.
Read now >
Built In
Sonar Makes SonarQube Server Available on Google Cloud Marketplace
SonarQube Server becomes available on Google Cloud Marketplace to support developers in their pursuit of continuous Clean Code, whether human-written or AI-generated.
Read now >
Built In
20 Featured Companies Moving Ahead in 2024
Recent Sonar updates are highlighted, including SonarQube Server 10.5 and being involved in the Department of Commerce consortium on AI safety.
Read now >
ChannelE2E
Sonar Puts Focus on Channel with New Executive
Sonar President of Field Operations, Lynne Doherty, talks about Sonar's shift from product-led growth to GTM.
Read now >
CMSwire
Can Traditional Web Development Survive AI?
Sonar Head of Developer Relations & Community, Peter McKee, comments on the impact of genAI in web development.
Read now >
Security Boulevard
Sonar Named Leader in G2 Spring Report
Sonar receives recognition as a LEADER in Static Code Analysis by G2.
Read now >
Built In
25 Companies Hiring Software Engineers
Sonar is featured for the number of engineering job openings in several departments.
Read now >
InfoWorld
12 principles for improving devsecops
Sonar Head of Developer Relations and Community, Peter McKee, comments on why developers should integrate static code analysis into their workflow to bolster QA efforts.
Read now >
CIOReview
Sonar: The Clean Code Leader
Sonar's CIO, Andrea Malagodi, discusses Sonar's philosophy and its Clean Code methodology.
Read now >
The New Stack
Spring Framework Has Three Major Pitfalls — Here’s What To Do
Jonathan Vila, Sonar Developer Advocate, covers Spring features that aid in the development process, and why it’s vital to understand the framework's limitations and drawbacks.
Read now >
SC Media
Why quality source code has become more important than ever in the AI era
Harry Wang, Sonar's VP of Strategic Partnerships, writes about how companies can ensure their software adheres to new standards and legal requirements by looking closely at their source code.
Read now >
Corporate Board Magazine
What To Ask About AI
Tariq Shaukat, co-CEO of Sonar, shares his views on AI and the need for companies to have acceptable use-case policies.
Read now >
Austin Monthly
Austin Is Becoming a Major Player in AI Innovation and Regulation
Sonar co-CEO, Tariq Shaukat, is quoted on the importance of putting gaurdrails around AI without stifling innovation.
Read now >
InfoWorld
10 principles for creating a great developer experience
Sonar Developer Advocate Jonathan Vila comments on the necessity of checking code generated by AI before adding it to repositories to ensure the best value is extracted from AI without compromising the codebase.
Read now >
The New Stack
7 Tips for Fostering Stronger Communication in Outsourced Projects
Sonar's Liz Ryan writes about the importance of proper communication in projects and seven key approaches teams can take.
Read now >
L'Agefi
Lynne Doherty nommée responsable des opérations chez Sonar
Lynne Doherty joins Sonar as President of Field Operations.
Read now >
Built In
Sonar Appoints New President of Field Operations
Lynne Doherty is interviewed about her role as Sonar's President of Field Operations.
Read now >
Channel Futures
Sumo Logic Vet Hits 'Job Lottery' with Role at Sonar
Sonar's President of Field Operations, Lynne Doherty, discusses her plans in her role and how joining the Clean Code leader is a 'full circle' moment for her having started her career as a developer.
Read now >
The New Stack
Preventing Scope Creep: Guide for Managing Outsourced Teams
Strategies businesses can use to prevent scope creep and achieve success for all parties involved.
Read now >
Built In
Leadership Transitions Have Huge Impact on Long-Term Productivity. Here’s How Two Austin Companies are Navigating the Change.
Sonar's CHRO, Clarissa O'Connell, talks about her role and how she's supporting the company in its mission to change the development world.
Read now >
InformationWeek
How Developers of All Skill Levels Can Best Leverage AI
Sonar's Head of Developer Relations and Community writes about the need to use coding assistants wisely, being mindful of skill level.
Read now >
HR Executive
The HR strategies this tech CHRO says will drive global growth
Sonar's CHRO, Clarissa O'Connell, shares how she leads her team and is revamping how HR is done.
Read now >
Built In
63 Cloud Companies You Should Know
Sonar is listed as a cloud company to know.
Read now >
The New Stack
How Generative AI Coding Assistants Increase Developer Velocity
Sonar's Manish Kapur covers how generative AI coding assistants have the power to transform the development process when used correctly with a Clean Code approach.
Read now >
IEEE Spectrum
AI Coding Is Going From Copilot to Autopilot
Sonar Developer Advocate comments on generative AI coding assistants and the benefits they can bring to developers.
Read now >
The New Stack
AI Code Generation: 6 FAQs for Developers
AI code generation is useful, but what's the catch? Sonar's Manish Kapur writes on this and the need for static code analysis.
Read now >
InfoWorld
Avoiding the dangers of AI-generated code
Sonar Developer Advocate discusses generative AI and the importance of ensuring that all code is analyzed, tested, and reviewed.
Read now >
The New Stack
How to Prevent Secrets from Creeping into Code
In this article, Sonar's Robert Curlee shares why its best to catch secrets at the very beginning of the development workflow (in the IDE), and how Sonar can help.
Read now >
Forbes
Using GenAI For Coding? How To Leverage It Wisely And Well
In this article, Sonar founder and co-CEO Olivier Gaudin gives his thoughts on why AI-generated code must be given the same scrutiny as human-written code.
Read now >
Techopedia
CISA’s Attestation Form: What Software Suppliers Can Do to Meet Compliance
In this article, Sonar VP of Strategic Partnerships and other industry leaders share their perspectives on the new attestation form for software suppliers introduced by CISA.
Read now >
CIO.com
How CIOs navigate generative AI in the enterprise
In this article, Sonar CIO Andrea Malagodi shares his perspective on AI - alongside other industry leaders - saying how CIOs and CTOs must take the necessary steps to ensure AI-generated code is clean.
Read now >
DZone
The Cost of Ignoring Static Code Analysis
Peter McKee, Sonar Head of Developer Relations & Community, shares why unit testing and static code analysis together play a vital role in creating quality software.
Read now >
Corporate Board Member
Get Your People AI Ready: 3 Key Ideas
In this article, highlights are shared from the Directors Forum in Dallas with speakers, Tariq Shaukat, Sonar co-CEO, and Florin Rotar, Chief AI Officer of Avanade.
Read now >
Beta News
How clean code can bridge the developer and security divide
Stefan Schiller, Sonar Vulnerability Researcher, details how marrying a “shift left” mentality with the “Clean as You Code” methodology can better satisfy demands on developers and SecOps alike to both work faster, ship more features, and address security issues.
Read now >
The New Stack
How Static Analysis Can Save Your Software
How using static analysis, especially in C++ projects, can help your team achieve success and ensure top quality software.
Read now >
Techopedia
Pros & Cons of AI Coding Assistants: Speed vs Quality
Peter McKee, Sonar Head of Developer Relations & Community, suggests developers may need to introduce code-scanning tools into their development journey to mitigate potential GenAI coding errors.
Read now >
Financial Times
FT 1000: the eighth annual ranking of Europe’s fastest-growing companies
Sonar receives inclusion in the Financial Times 1,000, which highlights Europe-based companies showing the strongest revenue growth over a three-year period.
Read now >
Forbes
How We’ll Be Interacting With AI As It Takes On More Work
Sonar Head of Developer Relations & Community, Peter McKee, shares his perspective about how AI is an "under-the-covers knowledge foundation."
Read now >
The New Stack
5 Risks of Outsourcing Development and How to Avoid Them
A look at some of the most significant outsourcing-based pitfalls and how companies can best mitigate them to continue producing high-quality, business-critical software at top speed and lower cost.
Read now >
Dark Reading
Joomla XSS Bugs Open Millions of Websites to RCE
Sonar Vulnerability Research Team discovered that one fundamental flaw, tracked as CVE-2024-21726, is at the heart of the issues affecting Joomla's core filter component.
Read now >
Reworked
Managers Need to Get Better at Discussing Employee Well-Being. Here's How
Sonar's CHRO, Clarissa O'Connell, shares her perspective on how middle managers can be supported with the right tools and resources in place.
Read now >
The New Stack
Unraveling the Costs of Bad Code in Software Development
Sonar's Liz Ryan shares that, while the consequences of bad code can’t be underestimated, they must be mitigated to ensure business success.
Read now >
DevOps.com
Software Development in the Age of AI: How to Balance Quality and Speed
As AI code generators gain popularity, Sonar's Peter McKee covers how companies have to put safeguards in place to harness the technology, for boosting productivity and quality outputs.
Read now >
SD Times
The Importance of Prevention: How Shifting Left, Static Analysis and Unit Testing Create Better Code Quality
Sonar Head of Developer Relations & Community, Peter McKee, shares how developer teams must take a shift-left on quality approach, employing both unit testing and static analysis.
Read now >
The Tech Trek
Software is Eating the World and AI is Accelerating It
In this Tech Trek podcast episode, Tariq Shaukat, co-CEO at Sonar, is interviewed about the impact of software and AI on companies.
Listen now >
Security Boulevard
Write cleaner React code with SonarQube Server 10.4
SonarQube Server 10.4 was recently released and, between 10.3 and 10.4, 48 new rules and one updated rule were released to help write clean code in React applications.
Read now >
InfoWorld
10 ways generative AI will transform software development
Peter McKee, Sonar Head of Developer Relations & Community, shares how a Clean as You Code approach ensures quality AI-generated code.
Read now >
BuiltIn Austin
US AI Safety Institute Consortium Established to Ensure Safe AI Innovation
Sonar joins over 200 AI stakeholders to support the development and deployment of safe, trustworthy AI.
Read now >
BuiltIn Austin
56 Software Companies in Austin You Should Know
Sonar is highlighted for its strides in enabling companies to develop Clean Code with its solutions SonarQube for IDE, SonarQube Server, and SonarQube Cloud.
Read now >
Austin Business Journal
Austin tech companies made 20-plus key hires in January
New Sonar CHRO, Clarissa O'Connell, is featured amongst other hires at top Austin-based companies.
Read now >
Bilanz
These young Swiss companies are just taking off
Sonar is highlighted amongst other Switzerland based scale-ups for its successful growth as the Clean Code market leader.
Read now >
The New Stack
The Trouble with Nesting Ternaries in JavaScript
Sonar Developer Advocate and JavaScript expert, Phil Nash, covers why nesting ternaries is an issue and what developers can do to eliminate the practice to produce Clean Code.
Read now >
The New Stack
7 Java Mistakes to Conquer
Sonar Developer Advocate, Jonathan Vila, dives into the most common errors in Java projects.
Read now >
SecurityWeek
Critical Jenkins Vulnerability Leads to Remote Code Execution
A critical vulnerability in Jenkins’ built-in CLI, discovered by Sonar's Vulnerability Research team, allows remote attackers to obtain cryptographic keys and execute arbitrary code.
Read now >
The Hacker News
Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!
Sonar Vulnerability Research team discovers several security flaws in Jenkins.
Read now >
insideBIGDATA
Heard on the Street – 1/25/2024 - insideBIGDATA
Sonar co-CEO Tariq Shaukat discusses the importance of taking a "trust, but verify" approach when using code generated by AI.
Read now >
SolutionsReview
Data Privacy Week 2024: The Definitive Roundup of Expert Quotes
Sonar CIO Andrea Malagodi shares how data privacy today is turning into an old challenge with "new clothes" thanks to AI.
Read now >
The New Stack
The Case for 'Shifting Right'
What shifting right means and the importance of balancing shift left and shift right
Read now >
DEVOPSdigest
2024 DevSecOps Predictions - Part 2
Sonar team members share their perspectives on what is to come this year with DevSecOps trends.
Read now >
VMblog
Data Privacy Week 2024 - Cybersecurity Experts Share Security Tips
Sonar CIO Andrea Malagodi shares his perspective on what companies should keep in mind for 2024 Data Privacy Week.
Read now >
Datanami
2024 GenAI Predictions: Part Deux
Sonar Developer Advocate Phil Nash is quoted on his prediction that this year, the industry will see an overconfidence in GenAI code that will lead to generated AI vulnerabilities.
Read now >
Agenda
New EU AI Rules Will Have Global Impact
Sonar co-CEO Tariq Shaukat is quoted on the subject of the need for every company to have an AI acceptable use policy.
Read now >
Hackernoon
Unlocking Developer Productivity: The Key Is AI + Clean Code
Sonar's Head of Developer Relations & Community, Peter McKee, covers how AI is affecting software development and how to mitigate risks with it.
Read now >
BuiltIn
100 Best Places to Work in Austin, TX in 2024
Sonar is highlighted by BuiltIn in the top 100 Best Places to Work in Austin, Tx.
Read now >
SD Times
A guide to security testing tools
In this article, Sonar and its solutions SonarQube for IDE, SonarQube Server, and SonarQube Cloud are highlighted for their ability to ensure Clean Code.
Read now >
Security Boulevard
Securing Networks: Addressing pfSense Vulnerabilities
In this article, recent findings by Sonar's vulnerabilities research team within the widely-used open-source Netgate pfSense firewall solution, are covered.
Read now >
LeadDev
Effectively managing junior developers on remote teams
In this article, Sonar's Head of Developer Relations & Community, Peter McKee, shares his advice on how to support junior developers grow their careers in a remote environment.
Read now >
eSecurity Planet
5 Major Cybersecurity Trends to Know for 2024
In this article, Sonar Developer Advocate Phil Nash shares his prediction for what's to come with AI in 2024.
Read now >
Safety Detectives
Interview With Fabrice Bellingard - VP of Product at Sonar
SafetyDetectives recently interviewed Fabrice Bellingard, the VP of Product at Sonar, delving into the key features of SonarQube for IDE, SonarQube Server, and SonarQube Cloud.
Read now >
Database Trends and Applications
Sonar Debuts Secrets Detection for Mitigating Sensitive Information Leaks
In this article, Sonar's announcement of Secrets Detection for SonarQube for IDE, SonarQube Server, and SonarQube Cloud is covered.
Read now >
IT Brew
Asking around: How will generative AI impact the workplace?
In this article, Sonar Developer Advocate Quazi Nafiul Islam shares his thoughts on the impact of generative AI in the workplace.
Read now >
DEVOPSdigest
2024 DevOps Predictions - Part 8
In this article, Sonar Developer Advocates share their predictions for 2024 trends.
Read now >
Bleeping Computer
Over 1,450 pfSense servers exposed to RCE attacks via bug chain
Sonar researchers with the aid of SonarQube Cloud discovered three flaws impacting pfSense 2.7.0 and older and pfSense Plus 23.05.01 and older.
Read now >
Forbes
6 Predictions About Cybersecurity Challenges In 2024
In this article, Sonar Vulnerability Researcher Stefan Schiller is quoted for his 2024 prediction around hackers leveraging AI.
Read now >
The New Stack
Arming Developers with the Power of Clean Code
In this article, the benefits of following Clean Code standards to ensure a reliable, maintainable, and secure codebase are covered.
Read now >
Solutions Review
59 Data Protection Predictions from 33 Experts for 2024
In this article, Sonar Vulnerability Researcher Thomas Chauchefoin shares his 2024 prediction - AI-Assisted attacks to become more sophisticated and automated.
Read now >
Solutions Review
The Definitive Guide to Artificial Intelligence Predictions for 2024
In this article, several predictions from Sonar team members are highlighted amongst other industry experts on topic such as AI-generated code and cybersecurity.
Read now >
Unite.AI
Peter McKee, Head of Developer Relations at Sonar – Interview Series
In this article, the benefits of genAI and drawbacks to consider are covered, and the need to apply Clean Code best practices to AI-generated code.
Read now >
The New Stack
AI Will Create Demand and Empower Developers, Not Replace Them
In this article, the benefits of genAI and drawbacks to consider are covered, and the need to apply Clean Code best practices to AI-generated code.
Read now >
VMblog
Sonar 2024 Predictions: 6 Experts on the Future of Coding in the Age of AI
In this article, several predictions from Sonar team members are highlighted on topics such as genAI, security, and coding languages.
Read now >
The New Stack
The Highs and Lows of Low-Code Tools
In this article, pros and cons of low code are discussed, and the need to always keep Clean Code best practices in mind.
Read now >
DevOps.com
DevOps Dozen² 2023 Finalists Announced
Sonar is announced as a finalist for the DevOps Dozen Awards in the Best Testing Service/Tool category.
Read now >
Futuriom
FUTURIOM 50: THE 2023 STANDOUTS
Sonar is included on Futuriom's 50 list of the strongest private companies in key markets for cloud and communications infrastructure.
Read now >
DZone
Security Vulnerabilities in CasaOS
Sonar's Vulnerability Research team uncovered two critical code vulnerabilities in the personal cloud system CasaOS.
Read now >
Dice
'Tech Connects' Podcast: The Future of Clean Code
Tariq Shaukat, Sonar co-CEO, speaks with 'Tech Connects' host about how more companies are becoming software companies and the impact of genAI.
Listen now >
Digital Journal
This month the code word is ‘cybersecurity’
Sonar founder and co-CEO, Olivier Gaudin, is quoted about the need for business leaders to prioritize Clean Code as they reflect on Cybersecurity Month.
Read now >
BetaNews
Secure software depends on clean code — AI-generated or not
Sonar Head of Developer Relations and Community, Peter McKee, writes about the need for Clean Code in order to create secure software and decrease bad code.
Read now >
The New Stack
How to Get Advantages of TypeScript in JavaScript
Sonar Developer Advocate, Phil Nash, details tips and tricks for how to take advantage of TypeScript in JavaScript.
Read now >
SecurityWeekly Podcast
VSCode Vulnerabilities – Thomas Chauchefoin, Paul Gerste – PSW #804
Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste discuss research conducted on the security of Visual Studio Code — the most popular code editor out there.
Listen now >
SiliconANGLE
Enterprise software developers prepare for generative AI's 'productivity revolution'
In this article, Olivier Gaudin - founder and co-CEO of Sonar - is quoted on his perspective that more experienced coders will see the bigger advantages from genAI.
Read now >
Dark Reading
North Korean State Actors Attack Critical Bug in TeamCity Server
Sonar vulnerability researcher, Stean Schiller, is quoted on JetBrains TeamCity vulnerability, discovered by the Sonar research team.
Read now >
The Hacker News
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
Sonar Vulnerability Research team discovers two critical security flaws in the open source CasaOS personal cloud software.
Read now >
The New Stack
What You Need to Know about Carbon, Python and Val
Sonar Developer Advocate, Phil Nash, details what developers need to consider about programming languages Carbon, Python, and Hylo.
Read now >
Forbes
Why Switzerland Thinks It Can Be Europe’s Tech Start-Up Capital
Sonar receives mention for being a Switzerland-based Unicorn in this Forbes article about the Europe tech start-up landscape.
Read now >
Solutions Review
37 Cybersecurity Awareness Month Quotes from Industry Experts in 2023
Olivier Gaudin, founder and co-CEO of Sonar, shares his perspective on Clean Code as it relates to Cybersecurity Awareness Month and the increase of genAI in code development.
Read now >
Enterprise Security Tech
Impact of AI on Cybersecurity: Pros and Cons Analyzed By Experts
In this article, Olivier Gaudin, co-CEO and founder of Sonar, shares why the world needs Clean Code and to adapt a Clean as You Code approach.
Read now >
The Last Watchdog
Black Hat Fireside Chat: Why using ‘Clean Code’ is paramount in speedy software development
Sonar's Olivier Gaudin, co-CEO and founder, and Head of R&D, Johannes Dahse, speak on The Last Watchdog podcast about the importance of Clean Code in speedy software development with quality.
Read now >
CIO Influence
October Cybersecurity Awareness Month: Top 50 IT and Security Professionals Share their Strategies
Olivier Gaudin, co-CEO and founder of Sonar, shares his perspective on Clean Code for Cybersecurity Awareness Month.
Read now >
TechRepublic
Top Security Tools for Developers in 2023
In this article, SonarQube Server is acknowledged as a great choice for developers needing an open source static application security testing tool to enhance security and code quality.
Read now >
VMblog
Cybersecurity Awareness Month 2023: Industry Experts Share Their Thoughts
In this article, Sonar founder and co-CEO - Olivier Gaudin - shares why organizations need to understand and adopt a Clean as You Code approach this Cybersecurity Awareness Month.
Read now >
The Hacker Mind
EP 81: HACKING VISUAL STUDIO CODE EXTENSIONS
In this podcast episode, Sonar researchers Thomas Chauchefoin and Paul Gerste discuss the state of the art of Visual Studio Code's security with Hacker Mind host Robert Vamosi.
Listen now >
Dev-Insider
Best Practices für sauberen Code ohne technische Schulden Clean Coding – ein Mittel gegen Developer-Burnout?
In this article, Sonar's Peter McKee writes about how Clean Code methods reduce workload while ensuring security, compliance, and the highest code quality.
Read now >
CyberWire
Cybersecurity Awareness Month: advice for tech companies.
In this article, Sonar founder and co-CEO - Olivier Gaudin - makes "a call for Clean Code" as organizations rethink their security this Cybersecurity Awareness Month.
Read now >
TechRepublic
3 Best DevSecOps Tools in 2023
In this article, the SonarQube Server solution is highlighted as a top DevSecOps tool for its support for multiple programming languages to improve code quality and enhance security.
Read now >
BuiltIn ATX
Built In Austin’s 9 Featured Companies of the Month
In this article, Sonar is recognized for its accomplishments and success as an innovative company in Austin, Texas.
Read now >
HackRead
JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking
Sonar researcher Stefan Schiller is acknowledged for discovery of a critical-severity authentication bypass vulnerability in the TeamCity CI/CD server.
Read now >
SC Media
Server hijacking likely with exploitation of critical TeamCity vulnerability
In this article, a critical TeamCity vulnerability is detailed, as discovered by Sonar's vulnerability research team.
Read now >
Hacker News
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
In this article, Sonar researchers share their discovering of a critical vulnerability in JetBrains TeamCity.
Read now >
SecurityWeek
In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover
A critical vulnerability in the TeamCity CI/CD server, discovered by the Sonar Vulnerability Research team could allow unauthenticated attackers to execute code and take over vulnerable servers.
Read now >
Decipher
TeamCity users urged to apply fix for Critical Flaw
Sonar researchers discovered a critical security vulnerability in TeamCity, a popular Continuous Integration and Continuous Deployment (CI/CD) server from JetBrains.
Read now >
L'Agefi
SonarSource, inflation, BNS: les trois mots-clés de la semaine
Sonar's appointment of new co-CEO, Tariq Shaukat, is covered in L'Agefi's top three news moments from the week.
Read now >
DBTA
SonarQube Cloud Debuts Open Source, Zero-Configuration, Automatic Analysis for C and C++ Projects
Sonar, the Clean Code solution provider, is announcing a new capability for its SonarQube Cloud platform: Zero-configuration, automatic analysis for programming languages C and C++.
Read now >
VMblog
Sonar Delivers Zero-Configuration Analysis of C and C++ Projects
New zero-configuration, automatic analysis for programming languages C and C++ within SonarQube Cloud enables GitHub hosted projects to be analyzed in one click, and it works with all compilers.
Read now >
DEVOPSdigest
Sonar Announces Zero-Configuration Analysis of C and C++ Projects
Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarQube Cloud, enabling C and C++ projects hosted on GitHub to be analyzed by SonarQube Cloud in one click.
Read now >
L'Agefi
With the ex-president of Bumble, SonarSource aims for a billion in turnover
The Geneva unicorn has recruited a co-CEO who combines commercial and software skills in order to accelerate its development. Tariq Shaukat was at the helm of the dating app when it debuted on the Nasdaq.
Read now >
Bloomberg Markets
Expect More Durable Companies to Come to Market: Shaukat
Co-CEO of Sonar, Tariq Shaukat, discusses IPO tech landscape and the importance of growing profitability with durability.
Watch now >
Bloomberg Markets
Bloomberg Markets: The Close 09/12/2023
Recently appointed co-CEO of Sonar, Tariq Shaukat, joins Bloomberg Markets "The Close" to discuss his new role and the IPO tech market (at 25-minute mark).
Watch now >
Austin Business Journal
After helping Bumble IPO, Tariq Shaukat named co-CEO of $4B coding company
Tariq Shaukat joins Sonar as co-CEO to work alongside Founder and CEO, Olivier Gaudin, to take company through next phase of growth.
Read now >
insideHPC
Former Google Cloud President Tariq Shaukat Joins Sonar as Co-CEO
Sonar announced that Tariq Shaukat has joined the company as co-CEO and a member of the Board of Directors. The company said Shaukat will lead the company with founder and CEO Olivier Gaudin.
Read now >
TechStrong TV
Insecure Code: Software Makers May Be Held Liable with New Legislation
Peter McKee, Head of Developer Relations & Community at Sonar, speaks with TechStrong TV's Alan Shimel about the future of DevOps and the importance of Clean Code.
Listen now >
Forbes
What Large Models Cost You – There Is No Free AI Lunch
The cost of generative AI is hitting businesses. Building and training LLMs can be prohibitively expensive. Sonar's Olivier Gaudin says “LLMs get bigger, not smarter."
Read now >
SD Times
Insecure Code: Software Makers May Be Held Liable with New Legislation
Sonar CMO Manish Gupta covers the Biden National Cybersecurity Strategy, how it places more legal responsibility on software makers, and how Clean Code can help.
Read now >
GovInfoSecurity
Securing Applications, Accelerating DevOps With Clean Code
In this video interview, Sonar CEO & co-founder Olivier Gaudin discusses Clean Code strategies for addressing dirty code and legacy issues, and how to increase output and quality of DevOps teams.
Listen now >
SecurityGuyTV
Discovering Hidden Security Issues in Code with Sonar; Deeper SAST
In this interview, Sonar CEO & co-founder Olivier Gaudin, and Sonar Head of R&D Johannes Dahse, discuss the announcement of deeper SAST and what is Clean Code.
Listen now >
CRN
20 Hottest New Cybersecurity Tools At Black Hat 2023
In this article, vendors showcasing new products are highlighted. Sonar's deeper SAST is featured at number 12.
Read more >
Help Net Security
New infosec products of the week: August 4, 2023
In this article, Help Net Security takes a look at the most interesting products from the week of August 4th, including Sonar's deeper SAST.
Read more >
VMblog
Sonar's New, Powerful Deep-Analysis Capability Finds Hidden Code Level Security Issues
Sonar announced a significant advancement of its Clean Code offering - developers can now automatically discover and fix code security issues with deeper SAST.
Read more >
SD Times
Sonar new SAST tool includes support for thousands of open-source libraries
In this article, Sonar's announcement of deeper SAST is featured. The update to the Sonar platform makes it easier for developers to write Clean Code.
Read more >
Help Net Security
Sonar's new deep-analysis capability discovers and fixes code security issues
Sonar announced a significant advancement of its Clean Code offering – developers can now automatically discover and fix code security issues arising from interactions between user source code and third-party, open-source libraries.
Read more >
The New Stack
Bad Code Stalls Developer Velocity
Sonar's Head of Developer Relations, Peter McKee, covers how a Clean as You Code approach ensures quality cod is developed quickly, without having to backtrack to remediate old errors.
Read more >
The New Stack
What is Clean Code?
Sonar VP of Product, Fabrice Bellingard, details how embracing Clean Code principles enables organizations to enhance the efficiency of their DevOps workflow.
Read more >
Security Week
OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers
Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely, according to Sonar's vulnerability research team.
Read more >
Dark Reading
Meet the Finalists for the 2023 Pwnie Awards
Sonar vulnerability researchers Thomas Chauefoin and Stefan Schiller receive Pwnie Awards nominations for research on vulnerabilities in Check_mk, and the security of the PHP supply chain and Composer.
Read more >
The Cyberwire
It pays to malvertise. MOVEit vulnerability remediation. Ransomware trends. FSB cyberespionage. Influence operators taken down.
The Cyberwire Daily Briefing newsletter highlights new original research from Sonar that spotlights the millions of dollars businesses lose when they fail to implement an optimal approach for software development.
Read more >
Dark Reading
Apache OpenMeetings Wide Open to Account Takeover, Code Execution
Sonar threat researcher Stefan Schiller shares insights on the three security vulnerabilities found in Apache OpenMeetings.
Read more >
The Hacker News
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities
Sonar research team finds multiple security flaws in Apache OpenMeetings that could be potentially exploited to seize control of admin accounts and run malicious code on susceptible servers.
Read more >
RT Insights
In the Era of Modern Apps, Clean Code is Key to Customer Satisfaction
Sonar VP of Products, Fabrice Bellingard, shares how embracing Clean Code practices guarantees that developers can create modern apps that deliver.
Read more >
DZone
Why ORMs and Prepared Statements Can't (Always) Win
Sonar Vulnerability Researcher, Thomas Chauchefoin, writes about several SQL injection vulnerabilities discovered in Soko, a software deployed on the Gentoo Linux infrastructure.
Read more >
The Hacker News
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution
Sonar research team uncovers multiple SQL injection vulnerabilities in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems.
Read more >
Security Affairs
Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution
Sonar researchers identify two SQL injection vulnerabilities in Gentoo Soko that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems.
Read more >
DevOps Digest
Clean Code and Software Development: Maximizing Efficiency and Maintainability in Uncertain Times
Sonar's Head of R&D, Johannes Dahse, details two ways that Clean Code can help address current challenges developers face today.
Read more >
InformationWeek
DOS Won’t Hunt: Is AI Better Than Low Code/No Code for Developers?
Sonar CEO Olivier Gaudin brings up some points to consider as generative AI becomes part of the software development cycle.
Read more >
DEVOPSdigest
Cleaning as You Code Is the Only Way to Truly Shift Left
In this article, Sonar's Head of R&D covers how to truly shift left, developers must be able to clean-as-they-code.
Read more >
SecurityWeek
Pimcore Platform Flaws Exposed Users to Code Execution
In this article, Sonar's R&D team warns that newly patched vulnerabilities in the Pimcore platform bring code execution risks.
Read more >
DZone
How the Wrong Content Type Introduced a Vulnerability in Odoo
In this article, Sonar's R&D team provides an overview of content types and how a minor error resulted in a vulnerability in Odoo.
Read more >
BuiltIn ATX
Companies Fostering a Sense of Belonging During Onboarding
BuiltIn Austin asked SonarSource, LogicMonitor, Tecovas, Episode Six and Semrush how they make new hires feel welcome.
Read more >
Agile Noir
Clean as You Code with SonarQube Server
In part three of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about the importance of code quality and how SonarQube Server can help developers maintain clean code.
Read more >
DZone
Empowering Weak Primitives: File Truncation to Code Execution With Git
In this article, SonarSource's R and D team discusses how they discovered a code vulnerability that allows you to truncate arbitrary files to execute arbitrary commands.
Read more >
BuiltIn ATX
Hiring Now: Sonar Is Building a Team That’s Passionate About Clean Code
This Austin company is building out a team of tech professionals who are passionate about clean code.
Read more >
Agile Noir
SonarQube Server Helps Development Teams Clean their Code
In part two of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about how SonarQube Server helps developers clean their code.
Listen Now >
Agile Noir
Why 7 million developers have their code analyzed by SonarQube Server
In part one of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about why developers have their code analyzed by SonarQube Server.
Listen Now >
DZone
Malicious Message Leading To E-Commerce Takeover
In this article, Sonar's research and development team presents the root cause analysis of two Cross-Site Scripting bugs.
Read More >
Devops
Avoiding Developer Burnout With Clean Code Best Practices
Employee burnout is common in the tech industry, especially for developers. In fact, 83% of software developers feel burnt out from their work and of those, nearly half of them feel...
Read More >
CyberNews
Southwest Airlines incidents prove companies need to deal with technical debt – now
Thousands of US organizations are running on outdated software. This kind of failure to address technical debt is a recipe for a disaster – and it’s already costing trillions. Clean as You Code to the rescue.
Read More >
Website Planet
Meet SonarSource: Top-Class Solutions For Code Quality Management
Check out this interview with Manish Gupta, CMO at SonarSource, a leading provider of clean code solutions. The interview covers the company’s story, the benefits of using clean code when building websites, and what’s in the future of coders with the recent developments in AI technology.
Read More >
Venture Beat
Source Code Must Become a C-level Priority
Organizations have long realized how important their software is to their business. But they’re now fully realizing just how critical their software’s source code is. Sonar's CEO, Olivier Gaudin, explains.
Read More >
Help Net Security
SonarQube Server 9.9 LTS Empowers Organizations to Boost the Quality of Their Code
Sonar has launched SonarQube Server 9.9 Long-Term Support (LTS) that empowers organizations to achieve the Clean Code state securely and at scale.
Read More >
VM Blog
Sonar Launches SonarQube Server 9.9 LTS to Help Organizations Achieve a State of Clean Code
Sonar has launched SonarQube Server 9.9 Long-Term Support (LTS). The new release empowers organizations to achieve the Clean Code state quickly, securely, and at scale.
Read More >
Journal of Cyber Policy
Sonar Launches SonarQube Server 9.9 LTS to Help Organizations Achieve a State of Clean Code
SonarQube Server 9.9 LTS offers accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.
Read More >
DevOps Digest
SonarSource Launches SonarQube Server 9.9 LTS
Sonar’s latest 9.9 LTS release introduces key capabilities to enable enterprises to build better software in a sustained manner - with accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.
Read More >
SD Times
SonarQube Server 9.9 LTS Helps Organizations Produce Clean Code
Sonar’s release of SonarQube Server 9.9 Long-Term Support (LTS) aims to help organizations clean their code quickly with accelerated pull request analysis, support for building and deploying secure cloud-native applications, and more.
Read More >
Spiceworks
Retain Your Development Talent with The Power of Clean Code
Employee burnout is very common in the technology industry, especially for developers. However, companies can avoid developer burnout with the power of clean code practices, explains Fabrice Bellingard, VP of products at SonarSource.
Read More >
Make Use Of
What Is SonarQube Server? 5 Key Features for Programmers
Many tools and platforms are available in the programming world, and here’s one you should add to your toolbox: SonarQube Server. The following key features of SonarQube Server will help you to overcome your coding difficulties and improve your programming skills.
Read More >
App Developer Magazine
Why Sonar is Growing So Much
Announcing record growth in developer and enterprise customer adoption in FY22, Sonar has added 5,000 paying customers in 11 months, supporting 21,000 enterprise customers including over 75% of Fortune 100 and nearly half of Fortune 500 companies.
Read More >
CPO Magazine
Protect Developer Tools Against Growing Vulnerability Threat
Over the past couple of years, developers have been increasingly targeted by attackers, with dozens of events occurring. These bad actors are targeting devs with the tools they depend on to build code.
Read More >
The Empathetic Marketer
[Podcast] Increasing Audience Reach Using Effective Marketing Strategies with Manish Gupta
Listen as Manish Gupta, Chief Marketing Officer at Sonar, talks about creating intent-based campaigns to get your message across to audiences that are increasingly sensitive to overused marketing ploys.
Listen Now >
Techstrong
[Video] Critical Vulnerabilities in the IT Monitoring Tool
Watch as Stefan Schiller, a vulnerability researcher at SonarSource, explains how SonarSource determined an attacker can escalate to the Checkmk automation user by exploiting an authenticated arbitrary file read in NagVis.
Read More >
Devopsdigest
2023 DevOps Predictions - Part 3
Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2023 - including source code as a key strategic asset.
Read More >
The New Stack
Interest Growing in Dart and Flutter for Mobile
Dart and Flutter are finally getting their day as more software engineers explore using Flutter for mobile app development.
Read More >
Enterprise Security Tech
Exec Threat Overview: CVE-2022-30129
Johannes Dahse, Head of R&D at Sonar, explains a Remote Code Execution vulnerability (CVE-2022-30129) that was discovered in one of the most popular IDEs: Visual Studio Code.
Read More >
Console.Dev
Interview with Olivier Gaudin
CEO of Sonar, Olivier Gaudin, speaks to console.dev about getting into software, the beginnings of Sonar, the company structure, development challenges, tools, clean code, and more!
Read More >
Computer Weekly
SonarSource: Google’s Carbon language is a successor, not a replacement, for C++
Phil Nash explains that, despite popular belief, Google’s open source Carbon programming language is not a strict replacement for C++. The important distinction is that it is intended to be used alongside C++.
Read More >
DZone
JavaOne 2022: Java Continues to Evolve
The Java development team looks at the evolution of hardware and software to innovate and maintain its relationships with the developer community, and insights from the 2022 JavaOne conference.
Read More >
BetaNews
[Q&A] How Clean Code Can Help Developers Prevent Vulnerabilities
Every year, thousands of code vulnerabilities are discovered, patched, and publicly disclosed to improve security for current and potential users. What can developers do to write better code that prevents vulnerabilities from entering their apps and services in the first place?
Read More >
Techstrong
[Video] C++ and the Carbon Programming Language
Watch as Phil Nash, one of the original authors of the C++ test framework and a software engineer for SonarSource, explains how the Carbon programming language created by Google intertwines with C++
Read More >
CRN
Sonar expands the Clean Code movement to Asia Pacific
The leading platform for Clean Code will grow its user community and customer base across the entire region including ASEAN, ANZ, South Korea, China, and India.
Read More >
Dev Insider
[German] 10 unbekannte Sicherheitslücken in Python
Viele Entwickler nutzen Python und vertrauen darauf, dass es einen soliden Security-Level bietet.
Read More >
Bleeping Computer
Zimbra Bug Allows Stealing Email Logins with No User Interaction
Technical details have emerged on a high-severity vulnerability affecting certain versions of the Zimbra email solution that hackers could exploit to steal logins without authentication or user interaction.
Read More >
TechZone360
5 Development Tools Every Tech Engineer Should Have Access To
As a tech engineer, it is vital to have access to the right tools so you can create innovative products that make our lives easier. This blog post will discuss five development tools that every tech engineer should access!
Read More >
Techcrunch
Sonar raises $412M to scan codebases for bugs and vulnerabilities
Sonar, whose technology detects reliability and vulnerability issues in code, announced a funding round leading to a $4.7 billion valuation.
Read More >
Reuters
Coding platform Sonar valued at $4.7 bln after latest funding
Sonar intends to use the funds to double its salesforce this year and expand the company's marketing team across its international offices...
Read More >
MA RTS
[French] La start-up genevoise Sonar lève 412 millions et devient "quadruple licorne"
L'entreprise informatique genevoise Sonar a annoncé une capitalisation de 4,7 milliards de dollars, avec l'arrivée de nouveaux investisseurs américains.
Read More >
Austin American-Statesman
Software company has big plans for Austin, aims to double employee count
Sonar, which operates its U.S. headquarters in Austin, says it is gearing up for growth in Austin after landing a significant infusion of capital...
Read More >
SecurityWeek
CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool
The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution.
Read More >
The Record
Unpatched bug allows takeover of Horde webmail accounts, servers
Discovered by Sonar vulnerability researcher Simon Scannell, the vulnerability has existed in the Horde webmail app since late 2012...
Read More >