We are happy to announce the rollout of our new rules format which helps you quickly and efficiently fix vulnerabilities in your code. This new format focuses on giving you the what, why and how (to fix) info around the issue so you can fix it and learn some new tricks for your developer toolkit!

• Get step-by-step instructions with just the information you need right now, in context, to solve the issue fast
• Dig into in-depth, educational and contextualized guidance to avoid similar issues in future
• Learn about and understand new vulnerability types

…all in the same tool and workflow you are already using every day. 

We have started with the top 15 security vulnerabilities - more to come soon! Learn more

Make the most of the C++20's `std::format` feature! Use SonarQube Cloud's static analysis which now includes 13 coding rules dedicated to this feature. Learn more

Set your analysis up in seconds by adding a few lines to your pipeline configuration! A new GitHub action has been released to analyze your C, C++, and Objective-C code. Learn more

Analyze the inline JavaSript and TypeScript code inside YAML for AWS::Lambda::Function and AWS::Serverless::Function and get your AWS CDK code more secure! Learn more

Access to the wrong list or the wrong dictionary will make your application crash with KeyError or IndexError exceptions. SonarQube Cloud will now help you prevent such a case.  Learn more

Identify Encryption at Rest and at Transit problems in your code when using Python with the AWS Cloud Development Kit. Also, support for domains such as Public Access, Network, Firewall, Permission, and Access Control is coming soon. Learn more