Code security

Definition and guide

What is secrets detection?

Secrets detection is the crucial process of identifying and flagging credentials and sensitive information that have been inadvertently committed or introduced into source code and configuration files.

Article

Beyond repository based secrets scanning

Effective secrets scanning and detection is about prevention, not just discovery. The moment a secret reaches a Git repository, your organization has already entered a cycle of costly remediation.

Step-by-step guide

Avoid the trojan horse in your pom.xml: SonarQube Advanced Security (Part 3)

In this guide, we show how SonarQube Advanced Security helps you identify and neutralize these hidden threats before they reach production.

Article

Common vulnerabilities and exposures in software development

A Common Vulnerabilities and Exposures (CVE) entry is a unique identifier assigned to a publicly known cybersecurity vulnerability in software or firmware.

Article

What is SCA scanning?

Software Composition Analysis (SCA) is an automated process used in software development to identify, analyze, and manage open source components within an application.


© 2025 SonarSource Sàrl. All rights reserved.