Sonar's latest blog posts
Welcoming Gitar to Sonar
Sonar has acquired Gitar, adding a new, critical layer to its multilayer, zero-trust code verification platform. Gitar is an AI code review solution, and it doesn’t just flag issues; it also generates the fix, validates it against the CI, and commits to the branch.
Category
Now available: SonarQube plugin for Cursor
Learn how the SonarQube plugin for Cursor brings code quality coverage insights and security checks directly into agent workflows.
Read article >
Now available: SonarQube plugin for Codex
Learn how the SonarQube plugin for Codex adds real time code quality, security checks, and issue remediation directly into AI coding workflows.
Read article >
Get new blog posts delivered directly to your inbox!
Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.
Announcing Advanced Security for SonarQube Cloud Team plan
SonarQube Cloud Team plan now includes Advanced Security with SCA, malware detection, and dependency analysis to help teams reduce supply chain risk.
Read article >
AI is writing more of your Terraform
Learn how AI generated Terraform introduces security risks and how SonarQube helps detect misconfigurations before they reach production.
Read article >
What NIST should know when updating the SSDF for AI
Learn how AI changes secure software development and why NIST should update the SSDF for verification, review, and supply chain risk.
Read article >