Newsroom

Coverage

SONAR COVERAGE

The latest in clean code coverage

News articles covering Sonar, Clean Code, research from the Sonar R&D team, Sonar executive perspective, and more

INC.

4 Leadership Lessons From a $200 Million, Fast-Growing, Profitable Startup

Adapt your business model to scarce capital, build on your strengths, and overcome your weaknesses.

Read more
a man stands around a table with colleagues while he emphasizes his point by holding and pointing with his glasses. His coworkers feign interest.
The New Stack

Encoding Differentials: Why Charset Matters

Sonar Vulnerability Researcher details why charset differentials matter when it comes to security.

Read now >

DEVOPSdigest

Sonar Acquires Structure101

Sonar acquired Structure101 to further the company's promise of enabling all developers and organizations to improve the quality and security of their code, whether AI-generated or human-written.

Read now >

DEVOPSdigest

Sonar Releases SonarQube 10.7

Sonar released SonarQube 10.7 with AI-driven features and expanded support for new and existing languages and frameworks.

Read now >

HostingAdvice.com

The Ultimate Guide to Writing Software Without Losing Your Mind

With Sonar's suite of solutions, developers can ensure they deliver high-quality code that is reliable, maintainable, and secure.

Read now >

Back End News

GenAI transforms software development but keeps human coders essential

Sonar's Marcus Low, GM & VP of APJ, shares his insights around how generative AI is impacting software development.

Read now >

ETCIO SEA

AI's Impact on Software Development: Prioritise Code Quality and Security

How can companies accelerate software development and coding capabilities while ensuring quality, secure code? Sonar's GM & VP of APJ, Marcus Low, shares how adopting a "start left" approach can help.

Read now >

InfoRisk Today

Sonar Adds Code Architecture Insights With Structure101 Buy

Sonar acquires Structure101 to help address structural design problems that affect long-term maintainability of software for organizations.

Read now >

DBTA

Sonar Boosts Code Reliability, Maintainability, and Security with Latest Acquisition

Sonar announces the acquisition of Structure101, a pioneer in code structure analysis, to enhance its offering with the identification of potential structural issues as code is written.

Read now >

FutureCIO

Sonar released new product capabilities to support software development

Designed to support better software development in the age of AI, Sonar introduces AI Code Assurance and AI CodeFix.

Read now >

ComputerWeekly

Sonar: AI-assisted code or not, developers must ‘start left’

As the software landscape continues to evolve, how can companies ensure that their code is clean, secure, and without bugs? Manish Kapur, Sr. Director of Product & Solutions, writes about the need to 'start left'.

Read now >

The New Stack

Deno 2.0, Angular Updates, Anthropic for Devs, and More

Sonar's announcement of new capabilities, AI Code Assurance and AI CodeFix, mentioned in weekly news roundup for helping to address growing code accountability issue.

Read now >

CIO.com

6 enterprise DevOps mistakes to avoid

DevOps success in complex enterprise environments can be elusive. Sonar's CIO, Andrea Malagodi, shares his perspective on this, with the increased use of genAI.

Read now >

ComputerWeekly

Sonar: AI-assisted code or not, developers must ‘start left’

More code is being written, but how can companies ensure that it is clean, secure and without bugs? Sonar's Manish Kapur writes about taking 'shift left' a step further, to 'start left'.

Read now >

FutureCIO

Sonar released new product capabilities to support software development

Sonar launched two new product capabilities, Sonar AI Code Assurance and Sonar AI CodeFix, designed to support better software development.

Read now >

Wall Street Journal

California’s AI Safety Bill Is Dead, but the Regulation Debate Lives On

Sonar CIO, Andrea Malagodi, provides perspective that there is to be reasonable friction expected between innovation and safety with generative AI.

Read now >

Enterprise AI World

Sonar Introduces New Capabilities to Improve the Quality of AI-Generated Code

Sonar introduces AI Code Assurance to help organizations ensure the quality of genAI code and AI CodeFix to enable developers to seamlessly resolve issues detected by Sonar's code analysis engine with a single click.

Read now >

SecurityBoulevard

Announcing Sonar Support for Dart: Elevate Your Code Quality

Sonar provides new support for the Dart programming language, empowering Dart developers to build mobile apps with Flutter or web applications.

Read now >

Built In

Hiring in Austin: 4 Teams Who Value Learning and Growing Together

Lauren Janetatos, Director of Learning, Growth and Culture at Sonar, shares her perspective on company culture and why she defines it as "driven".

Read now >

RT Insights

Real-time Analytics News for the Week Ending October 5

Acknowledgment of Sonar's announcement of new capabilities, AI Code Assurance and AI CodeFix, for SonarQube Server to ensure quality, secure code.

Read now >

SecurityBoulevard

SonarQube Server 10.7 Release Announcement

Sonar releases SonarQube Server 10.7 with new AI capabilities, STIG and CASA security reports, early access for Dart language rules, new PyTorch Library and Jupyter Notebooks support, and more.

Read now >

Marktechpost

Top 20 Code Review Tools for Software Developers

SonarQube Server is listed as a top solution for its continuous inspection of code quality, with support for over 30 programming languages.

Read now >

ChannelE2E

Channel Brief: Salesforce Launches Tableau Einstein Alliance, Reltio Intros New Partner Program

Sonar adds two new AI-driven clean code features to improve the quality of code produced by generative AI and enhance its offering with AI to deliver a better developer experience, respectively.

Read now >

insideAI News

Sonar to Improve the Quality of AI-Generated Code, Provide Automated Fix Recommendations

With Sonar's new capability AI Code Assurance, organizations ensure that AI written code receives the high level of quality and security review that you would expect from your developers.

Read now >

aiTechPark

Sonar announced two new product capabilities

Sonar AI Code Assurance and Sonar AI CodeFix deepen the company's commitment to the delivery of high-quality, secure code and increasing developer productivity.

Read now >

DEVOPSdigest

Sonar Introduces AI Code Assurance and AI CodeFix

New capabilities available in SonarQube Server, Sonar AI Code Assurance and Sonar AI CodeFix, improve the quality of code produced by genAI and enhance Sonar’s offering with AI to deliver better DevEx, respectively.

Read now >

Unite.AI

Sonar Unveils AI Code Assurance and AI CodeFix: Elevating Security and Productivity for AI-Generated Code

Sonar has unveiled two new capabilities for SonarQube Server — AI Code Assurance and AI CodeFix — designed to help organizations safely harness the power of AI coding assistants.

Read now >

AiThroity

Sonar to Improve the Quality of AI-Generated Code, Provide Automated Fix Recommendations

Sonar announces two new product capabilities for today’s AI-driven software development ecosystem, AI Code Assurance and AI CodeFix.

Read now >

BetaNews

New tools help ensure quality of AI-generated code

Sonar releases AI Code Assurance and AI CodeFix, deepening the company's commitment to improving DevEx and increasing productivity to support the delivery of better code.

Read now >

DevOps.com

Sonar Adds AI Tools to Identify Issues and Fix Code Created by Machines and Humans

Sonar launches AI Code Assurance to analyze issues in code generated by coding assistants, and AI CodeFix to provide AI-powered resolution recommendation for flagged code.

Read now >

World of Software

Sonar now inspects AI-generated code for glitches – News

Sonar addresses the rapidly growing market for AI code assistants by launching AI Code Assurance for inspecting genAI code and AI CodeFix for solution suggestions to flagged issues.

Read now >

SiliconANGLE

Sonar now inspects AI-generated code for glitches

Sonar launches two new capabilities respecitively for SonarQube Server – AI Code Assurance and AI CodeFix – to ensure quality, secure code whether AI-generated or written by developers.

Read now >

Newsweek

Global Most Loved Workplaces® 2024

Newsweek, per a partnership with the Best Practices Institute, acknowledges the top 100 most loved global companies, including Sonar.

Read now >

ChannelE2E

Sonar’s Jim DeCarlo: ‘Less Complexity, More Profitability’

Sonar VP of Channel for the Americas, Jim DeCarlo, shares insights on the channel and how partners are well positioned to support customers that are integrating genAI.

Read now >

TechTarget

8 KPIs to reduce technical debt

How can project stakeholders and IT leaders manage and reduce technical debt? Setting KPIs and having the right tools, like SonarQube Server, to assess and measure are critical.

Read now >

BetaNews

It’s time to treat software -- and its code -- as a critical business asset

The cost of bad code is enormous and leaders must consider its impact on their business success, particularly with the rise of AI coding assistants.

Read now >

SD Times

Dirty code still runs, and that’s not a good thing

Sonar VP of Product, Fabrice Bellingard, covers how the right testing and analysis ensures a solid software foundation of quality, secure code.

Read now >

TechRepublic

Two-Thirds of Security Leaders Consider Banning AI-Generated Code, Report Finds

AI coding assistants help improve developer experience and productivity, but organizations still need to ensure proper security checks to prevent issues and outages.

Read now >

TechRepublic

AI-Generated Code is Causing Outages and Security Issues in Businesses

Sonar CEO, Tariq Shaukat, shares insights on AI code reviews, why verifying AI-generated code is critical, and the need for business leaders to take this seriously.

Read now >

The "Dear Future CRO" Podcast

From Developer to Sales Leader: Lynne Doherty's Unconventional Path to Success

Sonar's President of Field Operations chats about her career from developer to sales leader and how she advocates for creative disruption and accountability.

Read now >

ComputerWeekly

How Sonar is elevating code quality in the age of AI

Expanding into the Asian market, Sonar’s code quality platform helps developers maintain secure, high-quality code amid the rise of AI-based coding assistants.

Read now >

The New Stack

Take the ‘Shift Left’ Approach a Step Further by ‘Starting Left’

Performing analysis and code reviews earlier in development is a popular mindset, but it should be to “start left,” not impose the burden later on.

Read now >

TechRound

Top 7 Unicorns in Switzerland

Sonar is named a top unicorn in Switzerland

Read now >

McKinsey

The gen AI skills revolution: Rethinking your talent strategy

The skills and practices needed for software teams to succeed are changing with AI. Having the right tools in place, such as SonarQube Server, is critical for reducing potential risk.

Read now >

GovInfo Security

SQL Injection: A High-Value Target for Attackers

Sonar Vulnerability Researcher Paul Gerste sits down with ISMG's Michael Novinson on the need for developer training to combat SQL injection.

Read now >

Dev Interrupted Podcast

Finding the Best Gen AI Use Case for Your Dev Team

Host Dan Lines sits down with Sonar's VP of Developer Relations and Community to discuss benefits and risks associated with GenAI and how impactful it is for junior and senior developers.

Read now >

The New Stack

Level Up Your Software Quality With Static Code Analysis

How can companies have confidence in their software? Sonar's Robert Curlee details how to level up code development with static code analysis.

Read now >

InformationWeek

3 Ways Organizations Can Measure and Monitor the Impact of AI

Sonar CIO, Andrea Malagodi, writes about the need for organizations to understand how AI is contributing to workflows and their business.

Read now >

Cyber Security News

10 Best Code Security Tools in 2024

Sonar's solution, SonarQube Server, is ranked at two out of 10 for best code security tools of the year.

Read now >

Built In

44 Top Tech Companies in Texas You Should Know

Sonar is recognized as a top tech company in Texas, by Built In, for its innovation and growth.

Read now >

DevOps Tool Chain Podcast

Leveraging AI for Secure DevOps

Sonar VP of Developer Relations and Community talks about how to achieve secure, quality code whether generated by AI or written by developers.

Read now >

The Wall Street Journal

Why AI Risks Are Keeping Board Members Up at Night

Sonar CEO Tariq Shaukat shares how it's critical to understand AI

Read now >

Continuous Delivery Podcast

Empowered Developers Write Clean Code, Tom Howlett, Head of Product at Sonar

Tom Howlett, Head of Product Management at Sonar, discusses the idea of 'start left', AI in software development, static code analysis, and more.

Read now >

Built In

80 Software Companies in Austin You Should Know

Sonar receives acknowledgment as an Austin software company 'to know' for its developer-centric solution that enables quality and secure code development.

Read now >

Forbes

Successful CEOs Lead To Serve

Sonar founder Olivier Gaudin shares his perspective on why its critical that your mission aligns with the community you serve.

Read now >

Help Net Security

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

Sonar vulnerability researcher Oskar Zeino-Mahmalat shares his insights on two cross-site scripting vulnerabilities affecting Roundcube that could be exploited by attackers.

Read now >

Tech Coffee House

Sonar Launches New SonarQube Cloud Plans to Empower Developers with Clean Code Solutions

Sonar expands its SonarQube Cloud offering with the introduction of two new plans: SonarQube Cloud Enterprise and SonarQube Cloud Team; fully managed SaaS solutions to enhance the quality and security of code.

Read now >

The SalesStar Podcast

Episode 208: B2B revenue and GTM practices with Lynne Doherty, President of Field Operations at Sonar

Lynne Doherty, President of Field Operations at Sonar, joins the SalesStar podcast in this episode to chat about a few proven B2B revenue and GTM practices.

Read now >

Built In

22 DevOps Companies to Know

Sonar is ranked among Built In's list of top 22 DevOps companies to know.

Read now >

InformationWeek

Should Today’s Developers Be More or Less Specialized?

Sonar CIO Andrea Malagodi comments on how having a broader skillset can be an advantage in building a software development career.

Read now >

DEVOPSdigest

Sonar Introduces SonarQube Cloud Enterprise and Team Plans

New SonarQube Cloud plans ensure developer teams can leverage it as their needs grow, to continuously reduce risk exposure at all levels and sustain software performance, growing business through systematic development and delivery.

Read now >

Security Boulevard

Now Introducing, SonarQube Cloud Enterprise and SonarQube Cloud Team

Sonar launches Enterprise and Team plans for its SaaS offering SonarQube Cloud, empowering development teams of all sizes to deliver Clean Code with confidence.

Read now >

Expert Insights

The Top 10 Application Security Testing Solutions

Sonar is listed as a top 10 solution for its ability to enhance readability of both AI-generated and human-written code, as well as its integration capabilities.

Read now >

InfoWorld

How to choose the right low-code, no-code, or process automation platform

Sonar's VP of Developer Relations and Community comments on using low- or no-code platforms for software development.

Read now >

DZone

AI vs. Human: Who Detects Bugs Better?

SonarQube Server is noted as a popular solution to detect bugs in AI-generated code with its static code analysis capabilities.

Read now >

The New Stack

Back to the Basics: Understanding Source Code

Sonar Product Manager, Robert Curlee, covers the importance of quality, secure code and the logic and design patterns of coding principles.

Read now >

CIO

5 IT risks CIOs should be paranoid about

Sonar's CIO, Andera Malagodi, comments on how AI risks can worsen the problem of bad code by not prioritizing quality.

Read now >

Software Engineering Daily

C++ Static Analysis with Abbas Sabra

Sonar Principal Engineer Abbas Sabra talks with the host of Software Engineering Daily about static code analysis and C++ and new Sonar features such as auto-configuration.

Read now >

InformationWeek

Is GenAI an Existential Risk to Low Code/No Code?

Sonar's VP of Developer Relations and Community comments on the power of LLMs and Artificial General Intelligence (AGI).

Read now >

Built In

What Is an Integrated Development Environment (IDE)?

Sonar Developer Advocate Quazi Nafiul takes it back to basics, covering what is an IDE and how to pick the right one.

Read now >

The Hacker News

Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service

Sonar Vulnerability Research team unveils four discovered security flaws in Gogs that could permit an attacker to execute arbitrary commands.

Read now >

SC Media

Gogs vulnerabilities may put your source code at risk

While analyzing the Gogs for self-hosting source code, Sonar Vulnerability Research team discovered four flaws that could enable attackers to steal, modify or delete valuable source code.

Read now >

The New Stack

5 Clean Code Tips for Reducing Complexity

Sonar product manager John Clifton covers how reducing cognitive complexity is key to helping write secure, maintainable, and reliable code.

Read now >

The Channel Pro Network

Channel Career Tracker: Q2 2024

Sonar's President of Field Operations, Lynne Doherty, is highlighted among other channel industry leaders, noted for her outstanding record leading high-performing GTM organizations.

Read now >

Built In

40 Software Companies in London to Know

Sonar is noted by Built In as a London software company that's driving progress across industries.

Read now >

Security Boulevard

The True Cost of Bad Code in Software Development

How does bad code impact organizations and how can it be overcome? Proactive measures and the right solutions, such as SonarQube Server.

Read now >

The New Stack

Technical Debt Continues To Mount – Here’s How To Solve It

How can technical debt be addressed? With a culture of clean code – promote continuous improvement that streamlines workflows and gives stakeholders insight to make informed decisions.

Read now >

Security Boulevard

SonarQube Server 10.6 Release Announcement

SonarQube Server 10.6 release includes significant changes such as autoscaling in Kubernetes, C and C++ projects are auto-configurable, the ability to run the solution in a FIPS-enforced environment, and more.

Read now >

Built In

21 Tech Companies in Singapore to Know

Built In recognizes Sonar as a prominent company in Singapore, along with other well-known companies, such as Amazon and Razer.

Read now >

InformationWeek

Delving Into the Risks and Rewards of the Open-Source Ecosystem

Open source software fuels the digital world, but how can enterprises manage its risks? Sonar Developer Advocate comments on how open source technologies are the foundations of the digital world.

Read now >

SC Media

Arbitrary code execution likely with Mailcow vulnerabilities

Two medium-severity vulnerabilities were found in Mailcow by Sonar's Vulnerability Research team.

Read now >

The Hacker News

Mailcow Mail Server Flaws Expose Servers to Remote Code Execution

Sonar Vulnerability Research team discovers two security vulnerabilities in the Mailcow open source mail server suite that could be exploited by malicious actors.

Read now >

TechStrong.ai

AI Leadership Insights: Clean Code

Sonar Head of Developer Relations and Community shares insight around the value of Clean Code in the age of AI.

Read now >

TechZine

Sonar developer lead: Programming past the pitfalls with AI-generated code

Sonar Head of Developer Relations and Community discusses how AI can unlock developer bandwidth, but only when generated code is properly checked.

Read now >

Cloud Native Now

Docker Survey Surfaces Complex Application Development Landscape

Survey by Docker finds that SonarQube Server is one of the most widely used security tools for application development.

Read now >

SDxCentral

Sonar and AWS Expand Collaboration to Drive Adoption of Clean Code Practices

Sonar has furthered its AWS partnership with the integration of SonarQube Cloud to Amazon Code Catalyst, in addition to achieving AWS FTR certification.

Read now >

SD Times

SonarQube Cloud integrates with Amazon CodeCatalyst to promote Clean Code practices

SonarQube Cloud is integrated with Amazon CodeCatalyst to help improve the development process for cloud-based applications.

Read now >

InfoWorld

Advanced CI/CD: 6 steps to better CI/CD pipelines

Sonar Head of Developer Relations and Community comments on the need to combine unit testing and static code analysis for better DevOps.

Read now >

CIOReview

Sonar Delivers Clean Code Solution SonarQube Server Through Google Cloud Marketplace

Sonar makes its self-managed solution SonarQube Server available on Google Cloud marketplace, enabling companies to accelerate DevOps transformation in the cloud and more.

Read now >

DEVOPSdigest

SonarQube Server Now Available on Google Cloud Marketplace

SonarQube Server is now available on Google Cloud Marketplace, enabling organizations to accelerate DevOps, modernize software development workflows, and deliver higher-quality, secure applications.

Read now >

Tech World with Milan

Enabling High-Quality Code in .NET

SonarQube Server is listed as a go-to tool for ensuring high-quality code.

Read now >

Built In

Sonar Makes SonarQube Server Available on Google Cloud Marketplace

SonarQube Server becomes available on Google Cloud Marketplace to support developers in their pursuit of continuous Clean Code, whether human-written or AI-generated.

Read now >

Built In

20 Featured Companies Moving Ahead in 2024

Recent Sonar updates are highlighted, including SonarQube Server 10.5 and being involved in the Department of Commerce consortium on AI safety.

Read now >

ChannelE2E

Sonar Puts Focus on Channel with New Executive

Sonar President of Field Operations, Lynne Doherty, talks about Sonar's shift from product-led growth to GTM.

Read now >

CMSwire

Can Traditional Web Development Survive AI?

Sonar Head of Developer Relations & Community, Peter McKee, comments on the impact of genAI in web development.

Read now >

Security Boulevard

Sonar Named Leader in G2 Spring Report

Sonar receives recognition as a LEADER in Static Code Analysis by G2.

Read now >

Built In

25 Companies Hiring Software Engineers

Sonar is featured for the number of engineering job openings in several departments.

Read now >

InfoWorld

12 principles for improving devsecops

Sonar Head of Developer Relations and Community, Peter McKee, comments on why developers should integrate static code analysis into their workflow to bolster QA efforts.

Read now >

CIOReview

Sonar: The Clean Code Leader

Sonar's CIO, Andrea Malagodi, discusses Sonar's philosophy and its Clean Code methodology.

Read now >

The New Stack

Spring Framework Has Three Major Pitfalls — Here’s What To Do

Jonathan Vila, Sonar Developer Advocate, covers Spring features that aid in the development process, and why it’s vital to understand the framework's limitations and drawbacks.

Read now >

SC Media

Why quality source code has become more important than ever in the AI era

Harry Wang, Sonar's VP of Strategic Partnerships, writes about how companies can ensure their software adheres to new standards and legal requirements by looking closely at their source code.

Read now >

Corporate Board Magazine

What To Ask About AI

Tariq Shaukat, co-CEO of Sonar, shares his views on AI and the need for companies to have acceptable use-case policies.

Read now >

Austin Monthly

Austin Is Becoming a Major Player in AI Innovation and Regulation

Sonar co-CEO, Tariq Shaukat, is quoted on the importance of putting gaurdrails around AI without stifling innovation.

Read now >

InfoWorld

10 principles for creating a great developer experience

Sonar Developer Advocate Jonathan Vila comments on the necessity of checking code generated by AI before adding it to repositories to ensure the best value is extracted from AI without compromising the codebase.

Read now >

The New Stack

7 Tips for Fostering Stronger Communication in Outsourced Projects

Sonar's Liz Ryan writes about the importance of proper communication in projects and seven key approaches teams can take.

Read now >

L'Agefi

Lynne Doherty nommée responsable des opérations chez Sonar

Lynne Doherty joins Sonar as President of Field Operations.

Read now >

Built In

Sonar Appoints New President of Field Operations

Lynne Doherty is interviewed about her role as Sonar's President of Field Operations.

Read now >

Channel Futures

Sumo Logic Vet Hits 'Job Lottery' with Role at Sonar

Sonar's President of Field Operations, Lynne Doherty, discusses her plans in her role and how joining the Clean Code leader is a 'full circle' moment for her having started her career as a developer.

Read now >

The New Stack

Preventing Scope Creep: Guide for Managing Outsourced Teams

Strategies businesses can use to prevent scope creep and achieve success for all parties involved.

Read now >

Built In

Leadership Transitions Have Huge Impact on Long-Term Productivity. Here’s How Two Austin Companies are Navigating the Change.

Sonar's CHRO, Clarissa O'Connell, talks about her role and how she's supporting the company in its mission to change the development world.

Read now >

InformationWeek

How Developers of All Skill Levels Can Best Leverage AI

Sonar's Head of Developer Relations and Community writes about the need to use coding assistants wisely, being mindful of skill level.

Read now >

HR Executive

The HR strategies this tech CHRO says will drive global growth

Sonar's CHRO, Clarissa O'Connell, shares how she leads her team and is revamping how HR is done.

Read now >

Built In

63 Cloud Companies You Should Know

Sonar is listed as a cloud company to know.

Read now >

The New Stack

How Generative AI Coding Assistants Increase Developer Velocity

Sonar's Manish Kapur covers how generative AI coding assistants have the power to transform the development process when used correctly with a Clean Code approach.

Read now >

IEEE Spectrum

AI Coding Is Going From Copilot to Autopilot

Sonar Developer Advocate comments on generative AI coding assistants and the benefits they can bring to developers.

Read now >

The New Stack

AI Code Generation: 6 FAQs for Developers

AI code generation is useful, but what's the catch? Sonar's Manish Kapur writes on this and the need for static code analysis.

Read now >

InfoWorld

Avoiding the dangers of AI-generated code

Sonar Developer Advocate discusses generative AI and the importance of ensuring that all code is analyzed, tested, and reviewed.

Read now >

The New Stack

How to Prevent Secrets from Creeping into Code

In this article, Sonar's Robert Curlee shares why its best to catch secrets at the very beginning of the development workflow (in the IDE), and how Sonar can help.

Read now >

Forbes

Using GenAI For Coding? How To Leverage It Wisely And Well

In this article, Sonar founder and co-CEO Olivier Gaudin gives his thoughts on why AI-generated code must be given the same scrutiny as human-written code.

Read now >

Techopedia

CISA’s Attestation Form: What Software Suppliers Can Do to Meet Compliance

In this article, Sonar VP of Strategic Partnerships and other industry leaders share their perspectives on the new attestation form for software suppliers introduced by CISA.

Read now >

CIO.com

How CIOs navigate generative AI in the enterprise

In this article, Sonar CIO Andrea Malagodi shares his perspective on AI - alongside other industry leaders - saying how CIOs and CTOs must take the necessary steps to ensure AI-generated code is clean.

Read now >

DZone

The Cost of Ignoring Static Code Analysis

Peter McKee, Sonar Head of Developer Relations & Community, shares why unit testing and static code analysis together play a vital role in creating quality software.

Read now >

Corporate Board Member

Get Your People AI Ready: 3 Key Ideas

In this article, highlights are shared from the Directors Forum in Dallas with speakers, Tariq Shaukat, Sonar co-CEO, and Florin Rotar, Chief AI Officer of Avanade.

Read now >

Beta News

How clean code can bridge the developer and security divide

Stefan Schiller, Sonar Vulnerability Researcher, details how marrying a “shift left” mentality with the “Clean as You Code” methodology can better satisfy demands on developers and SecOps alike to both work faster, ship more features, and address security issues.

Read now >

The New Stack

How Static Analysis Can Save Your Software

How using static analysis, especially in C++ projects, can help your team achieve success and ensure top quality software.

Read now >

Techopedia

Pros & Cons of AI Coding Assistants: Speed vs Quality

Peter McKee, Sonar Head of Developer Relations & Community, suggests developers may need to introduce code-scanning tools into their development journey to mitigate potential GenAI coding errors.

Read now >

Financial Times

FT 1000: the eighth annual ranking of Europe’s fastest-growing companies

Sonar receives inclusion in the Financial Times 1,000, which highlights Europe-based companies showing the strongest revenue growth over a three-year period.

Read now >

Forbes

How We’ll Be Interacting With AI As It Takes On More Work

Sonar Head of Developer Relations & Community, Peter McKee, shares his perspective about how AI is an "under-the-covers knowledge foundation."

Read now >

The New Stack

5 Risks of Outsourcing Development and How to Avoid Them

A look at some of the most significant outsourcing-based pitfalls and how companies can best mitigate them to continue producing high-quality, business-critical software at top speed and lower cost.

Read now >

Dark Reading

Joomla XSS Bugs Open Millions of Websites to RCE

Sonar Vulnerability Research Team discovered that one fundamental flaw, tracked as CVE-2024-21726, is at the heart of the issues affecting Joomla's core filter component.

Read now >

Reworked

Managers Need to Get Better at Discussing Employee Well-Being. Here's How

Sonar's CHRO, Clarissa O'Connell, shares her perspective on how middle managers can be supported with the right tools and resources in place.

Read now >

The New Stack

Unraveling the Costs of Bad Code in Software Development

Sonar's Liz Ryan shares that, while the consequences of bad code can’t be underestimated, they must be mitigated to ensure business success.

Read now >

DevOps.com

Software Development in the Age of AI: How to Balance Quality and Speed

As AI code generators gain popularity, Sonar's Peter McKee covers how companies have to put safeguards in place to harness the technology, for boosting productivity and quality outputs.

Read now >

SD Times

The Importance of Prevention: How Shifting Left, Static Analysis and Unit Testing Create Better Code Quality

Sonar Head of Developer Relations & Community, Peter McKee, shares how developer teams must take a shift-left on quality approach, employing both unit testing and static analysis.

Read now >

The Tech Trek

Software is Eating the World and AI is Accelerating It

In this Tech Trek podcast episode, Tariq Shaukat, co-CEO at Sonar, is interviewed about the impact of software and AI on companies.

Listen now >

Security Boulevard

Write cleaner React code with SonarQube Server 10.4

SonarQube Server 10.4 was recently released and, between 10.3 and 10.4, 48 new rules and one updated rule were released to help write clean code in React applications.

Read now >

InfoWorld

10 ways generative AI will transform software development

Peter McKee, Sonar Head of Developer Relations & Community, shares how a Clean as You Code approach ensures quality AI-generated code.

Read now >

BuiltIn Austin

US AI Safety Institute Consortium Established to Ensure Safe AI Innovation

Sonar joins over 200 AI stakeholders to support the development and deployment of safe, trustworthy AI.

Read now >

BuiltIn Austin

56 Software Companies in Austin You Should Know

Sonar is highlighted for its strides in enabling companies to develop Clean Code with its solutions SonarQube for IDE, SonarQube Server, and SonarQube Cloud.

Read now >

Austin Business Journal

Austin tech companies made 20-plus key hires in January

New Sonar CHRO, Clarissa O'Connell, is featured amongst other hires at top Austin-based companies.

Read now >

Bilanz

These young Swiss companies are just taking off

Sonar is highlighted amongst other Switzerland based scale-ups for its successful growth as the Clean Code market leader.

Read now >

The New Stack

The Trouble with Nesting Ternaries in JavaScript

Sonar Developer Advocate and JavaScript expert, Phil Nash, covers why nesting ternaries is an issue and what developers can do to eliminate the practice to produce Clean Code.

Read now >

The New Stack

7 Java Mistakes to Conquer

Sonar Developer Advocate, Jonathan Vila, dives into the most common errors in Java projects.

Read now >

SecurityWeek

Critical Jenkins Vulnerability Leads to Remote Code Execution

A critical vulnerability in Jenkins’ built-in CLI, discovered by Sonar's Vulnerability Research team, allows remote attackers to obtain cryptographic keys and execute arbitrary code.

Read now >

The Hacker News

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!

Sonar Vulnerability Research team discovers several security flaws in Jenkins.

Read now >

insideBIGDATA

Heard on the Street – 1/25/2024 - insideBIGDATA

Sonar co-CEO Tariq Shaukat discusses the importance of taking a "trust, but verify" approach when using code generated by AI.

Read now >

SolutionsReview

Data Privacy Week 2024: The Definitive Roundup of Expert Quotes

Sonar CIO Andrea Malagodi shares how data privacy today is turning into an old challenge with "new clothes" thanks to AI.

Read now >

The New Stack

The Case for 'Shifting Right'

What shifting right means and the importance of balancing shift left and shift right

Read now >

DEVOPSdigest

2024 DevSecOps Predictions - Part 2

Sonar team members share their perspectives on what is to come this year with DevSecOps trends.

Read now >

VMblog

Data Privacy Week 2024 - Cybersecurity Experts Share Security Tips

Sonar CIO Andrea Malagodi shares his perspective on what companies should keep in mind for 2024 Data Privacy Week.

Read now >

Datanami

2024 GenAI Predictions: Part Deux

Sonar Developer Advocate Phil Nash is quoted on his prediction that this year, the industry will see an overconfidence in GenAI code that will lead to generated AI vulnerabilities.

Read now >

Agenda

New EU AI Rules Will Have Global Impact

Sonar co-CEO Tariq Shaukat is quoted on the subject of the need for every company to have an AI acceptable use policy.

Read now >

Hackernoon

Unlocking Developer Productivity: The Key Is AI + Clean Code

Sonar's Head of Developer Relations & Community, Peter McKee, covers how AI is affecting software development and how to mitigate risks with it.

Read now >

BuiltIn

100 Best Places to Work in Austin, TX in 2024

Sonar is highlighted by BuiltIn in the top 100 Best Places to Work in Austin, Tx.

Read now >

SD Times

A guide to security testing tools

In this article, Sonar and its solutions SonarQube for IDE, SonarQube Server, and SonarQube Cloud are highlighted for their ability to ensure Clean Code.

Read now >

Security Boulevard

Securing Networks: Addressing pfSense Vulnerabilities

In this article, recent findings by Sonar's vulnerabilities research team within the widely-used open-source Netgate pfSense firewall solution, are covered.

Read now >

LeadDev

Effectively managing junior developers on remote teams

In this article, Sonar's Head of Developer Relations & Community, Peter McKee, shares his advice on how to support junior developers grow their careers in a remote environment.

Read now >

eSecurity Planet

5 Major Cybersecurity Trends to Know for 2024

In this article, Sonar Developer Advocate Phil Nash shares his prediction for what's to come with AI in 2024.

Read now >

Safety Detectives

Interview With Fabrice Bellingard - VP of Product at Sonar

SafetyDetectives recently interviewed Fabrice Bellingard, the VP of Product at Sonar, delving into the key features of SonarQube for IDE, SonarQube Server, and SonarQube Cloud.

Read now >

Database Trends and Applications

Sonar Debuts Secrets Detection for Mitigating Sensitive Information Leaks

In this article, Sonar's announcement of Secrets Detection for SonarQube for IDE, SonarQube Server, and SonarQube Cloud is covered.

Read now >

IT Brew

Asking around: How will generative AI impact the workplace?

In this article, Sonar Developer Advocate Quazi Nafiul Islam shares his thoughts on the impact of generative AI in the workplace.

Read now >

DEVOPSdigest

2024 DevOps Predictions - Part 8

In this article, Sonar Developer Advocates share their predictions for 2024 trends.

Read now >

Bleeping Computer

Over 1,450 pfSense servers exposed to RCE attacks via bug chain

Sonar researchers with the aid of SonarQube Cloud discovered three flaws impacting pfSense 2.7.0 and older and pfSense Plus 23.05.01 and older.

Read now >

Forbes

6 Predictions About Cybersecurity Challenges In 2024

In this article, Sonar Vulnerability Researcher Stefan Schiller is quoted for his 2024 prediction around hackers leveraging AI.

Read now >

The New Stack

Arming Developers with the Power of Clean Code

In this article, the benefits of following Clean Code standards to ensure a reliable, maintainable, and secure codebase are covered.

Read now >

Solutions Review

59 Data Protection Predictions from 33 Experts for 2024

In this article, Sonar Vulnerability Researcher Thomas Chauchefoin shares his 2024 prediction - AI-Assisted attacks to become more sophisticated and automated.

Read now >

Solutions Review

The Definitive Guide to Artificial Intelligence Predictions for 2024

In this article, several predictions from Sonar team members are highlighted amongst other industry experts on topic such as AI-generated code and cybersecurity.

Read now >

Unite.AI

Peter McKee, Head of Developer Relations at Sonar – Interview Series

In this article, the benefits of genAI and drawbacks to consider are covered, and the need to apply Clean Code best practices to AI-generated code.

Read now >

The New Stack

AI Will Create Demand and Empower Developers, Not Replace Them

In this article, the benefits of genAI and drawbacks to consider are covered, and the need to apply Clean Code best practices to AI-generated code.

Read now >

VMblog

Sonar 2024 Predictions: 6 Experts on the Future of Coding in the Age of AI

In this article, several predictions from Sonar team members are highlighted on topics such as genAI, security, and coding languages.

Read now >

The New Stack

The Highs and Lows of Low-Code Tools

In this article, pros and cons of low code are discussed, and the need to always keep Clean Code best practices in mind.

Read now >

DevOps.com

DevOps Dozen² 2023 Finalists Announced

Sonar is announced as a finalist for the DevOps Dozen Awards in the Best Testing Service/Tool category.

Read now >

Futuriom

FUTURIOM 50: THE 2023 STANDOUTS

Sonar is included on Futuriom's 50 list of the strongest private companies in key markets for cloud and communications infrastructure.

Read now >

DZone

Security Vulnerabilities in CasaOS

Sonar's Vulnerability Research team uncovered two critical code vulnerabilities in the personal cloud system CasaOS.

Read now >

Dice

'Tech Connects' Podcast: The Future of Clean Code

Tariq Shaukat, Sonar co-CEO, speaks with 'Tech Connects' host about how more companies are becoming software companies and the impact of genAI.

Listen now >

Digital Journal

This month the code word is ‘cybersecurity’

Sonar founder and co-CEO, Olivier Gaudin, is quoted about the need for business leaders to prioritize Clean Code as they reflect on Cybersecurity Month.

Read now >

BetaNews

Secure software depends on clean code — AI-generated or not

Sonar Head of Developer Relations and Community, Peter McKee, writes about the need for Clean Code in order to create secure software and decrease bad code.

Read now >

The New Stack

How to Get Advantages of TypeScript in JavaScript

Sonar Developer Advocate, Phil Nash, details tips and tricks for how to take advantage of TypeScript in JavaScript.

Read now >

SecurityWeekly Podcast

VSCode Vulnerabilities – Thomas Chauchefoin, Paul Gerste – PSW #804

Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste discuss research conducted on the security of Visual Studio Code — the most popular code editor out there.

Listen now >

SiliconANGLE

Enterprise software developers prepare for generative AI's 'productivity revolution'

In this article, Olivier Gaudin - founder and co-CEO of Sonar - is quoted on his perspective that more experienced coders will see the bigger advantages from genAI.

Read now >

Dark Reading

North Korean State Actors Attack Critical Bug in TeamCity Server

Sonar vulnerability researcher, Stean Schiller, is quoted on JetBrains TeamCity vulnerability, discovered by the Sonar research team.

Read now >

The Hacker News

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

Sonar Vulnerability Research team discovers two critical security flaws in the open source CasaOS personal cloud software.

Read now >

The New Stack

What You Need to Know about Carbon, Python and Val

Sonar Developer Advocate, Phil Nash, details what developers need to consider about programming languages Carbon, Python, and Hylo.

Read now >

Forbes

Why Switzerland Thinks It Can Be Europe’s Tech Start-Up Capital

Sonar receives mention for being a Switzerland-based Unicorn in this Forbes article about the Europe tech start-up landscape.

Read now >

Solutions Review

37 Cybersecurity Awareness Month Quotes from Industry Experts in 2023

Olivier Gaudin, founder and co-CEO of Sonar, shares his perspective on Clean Code as it relates to Cybersecurity Awareness Month and the increase of genAI in code development.

Read now >

Enterprise Security Tech

Impact of AI on Cybersecurity: Pros and Cons Analyzed By Experts

In this article, Olivier Gaudin, co-CEO and founder of Sonar, shares why the world needs Clean Code and to adapt a Clean as You Code approach.

Read now >

The Last Watchdog

Black Hat Fireside Chat: Why using ‘Clean Code’ is paramount in speedy software development

Sonar's Olivier Gaudin, co-CEO and founder, and Head of R&D, Johannes Dahse, speak on The Last Watchdog podcast about the importance of Clean Code in speedy software development with quality.

Read now >

CIO Influence

October Cybersecurity Awareness Month: Top 50 IT and Security Professionals Share their Strategies

Olivier Gaudin, co-CEO and founder of Sonar, shares his perspective on Clean Code for Cybersecurity Awareness Month.

Read now >

TechRepublic

Top Security Tools for Developers in 2023

In this article, SonarQube Server is acknowledged as a great choice for developers needing an open source static application security testing tool to enhance security and code quality.

Read now >

VMblog

Cybersecurity Awareness Month 2023: Industry Experts Share Their Thoughts

In this article, Sonar founder and co-CEO - Olivier Gaudin - shares why organizations need to understand and adopt a Clean as You Code approach this Cybersecurity Awareness Month.

Read now >

The Hacker Mind

EP 81: HACKING VISUAL STUDIO CODE EXTENSIONS

In this podcast episode, Sonar researchers Thomas Chauchefoin and Paul Gerste discuss the state of the art of Visual Studio Code's security with Hacker Mind host Robert Vamosi.

Listen now >

Dev-Insider

Best Practices für sauberen Code ohne technische Schulden Clean Coding – ein Mittel gegen Developer-Burnout?

In this article, Sonar's Peter McKee writes about how Clean Code methods reduce workload while ensuring security, compliance, and the highest code quality.

Read now >

CyberWire

Cybersecurity Awareness Month: advice for tech companies.

In this article, Sonar founder and co-CEO - Olivier Gaudin - makes "a call for Clean Code" as organizations rethink their security this Cybersecurity Awareness Month.

Read now >

TechRepublic

3 Best DevSecOps Tools in 2023

In this article, the SonarQube Server solution is highlighted as a top DevSecOps tool for its support for multiple programming languages to improve code quality and enhance security.

Read now >

BuiltIn ATX

Built In Austin’s 9 Featured Companies of the Month

In this article, Sonar is recognized for its accomplishments and success as an innovative company in Austin, Texas.

Read now >

HackRead

JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking

Sonar researcher Stefan Schiller is acknowledged for discovery of a critical-severity authentication bypass vulnerability in the TeamCity CI/CD server.

Read now >

SC Media

Server hijacking likely with exploitation of critical TeamCity vulnerability

In this article, a critical TeamCity vulnerability is detailed, as discovered by Sonar's vulnerability research team.

Read now >

Hacker News

Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

In this article, Sonar researchers share their discovering of a critical vulnerability in JetBrains TeamCity.

Read now >

SecurityWeek

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server, discovered by the Sonar Vulnerability Research team could allow unauthenticated attackers to execute code and take over vulnerable servers.

Read now >

Decipher

TeamCity users urged to apply fix for Critical Flaw

Sonar researchers discovered a critical security vulnerability in TeamCity, a popular Continuous Integration and Continuous Deployment (CI/CD) server from JetBrains.

Read now >

L'Agefi

SonarSource, inflation, BNS: les trois mots-clés de la semaine

Sonar's appointment of new co-CEO, Tariq Shaukat, is covered in L'Agefi's top three news moments from the week.

Read now >

DBTA

SonarQube Cloud Debuts Open Source, Zero-Configuration, Automatic Analysis for C and C++ Projects

Sonar, the Clean Code solution provider, is announcing a new capability for its SonarQube Cloud platform: Zero-configuration, automatic analysis for programming languages C and C++.

Read now >

VMblog

Sonar Delivers Zero-Configuration Analysis of C and C++ Projects

New zero-configuration, automatic analysis for programming languages C and C++ within SonarQube Cloud enables GitHub hosted projects to be analyzed in one click, and it works with all compilers.

Read now >

DEVOPSdigest

Sonar Announces Zero-Configuration Analysis of C and C++ Projects

Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarQube Cloud, enabling C and C++ projects hosted on GitHub to be analyzed by SonarQube Cloud in one click.

Read now >

L'Agefi

With the ex-president of Bumble, SonarSource aims for a billion in turnover

The Geneva unicorn has recruited a co-CEO who combines commercial and software skills in order to accelerate its development. Tariq Shaukat was at the helm of the dating app when it debuted on the Nasdaq.

Read now >

Bloomberg Markets

Expect More Durable Companies to Come to Market: Shaukat

Co-CEO of Sonar, Tariq Shaukat, discusses IPO tech landscape and the importance of growing profitability with durability.

Watch now >

Bloomberg Markets

Bloomberg Markets: The Close 09/12/2023

Recently appointed co-CEO of Sonar, Tariq Shaukat, joins Bloomberg Markets "The Close" to discuss his new role and the IPO tech market (at 25-minute mark).

Watch now >

Austin Business Journal

After helping Bumble IPO, Tariq Shaukat named co-CEO of $4B coding company

Tariq Shaukat joins Sonar as co-CEO to work alongside Founder and CEO, Olivier Gaudin, to take company through next phase of growth.

Read now >

insideHPC

Former Google Cloud President Tariq Shaukat Joins Sonar as Co-CEO

Sonar announced that Tariq Shaukat has joined the company as co-CEO and a member of the Board of Directors. The company said Shaukat will lead the company with founder and CEO Olivier Gaudin.

Read now >

TechStrong TV

Insecure Code: Software Makers May Be Held Liable with New Legislation

Peter McKee, Head of Developer Relations & Community at Sonar, speaks with TechStrong TV's Alan Shimel about the future of DevOps and the importance of Clean Code.

Listen now >

Forbes

What Large Models Cost You – There Is No Free AI Lunch

The cost of generative AI is hitting businesses. Building and training LLMs can be prohibitively expensive. Sonar's Olivier Gaudin says “LLMs get bigger, not smarter."

Read now >

SD Times

Insecure Code: Software Makers May Be Held Liable with New Legislation

Sonar CMO Manish Gupta covers the Biden National Cybersecurity Strategy, how it places more legal responsibility on software makers, and how Clean Code can help.

Read now >

GovInfoSecurity

Securing Applications, Accelerating DevOps With Clean Code

In this video interview, Sonar CEO & co-founder Olivier Gaudin discusses Clean Code strategies for addressing dirty code and legacy issues, and how to increase output and quality of DevOps teams.

Listen now >

SecurityGuyTV

Discovering Hidden Security Issues in Code with Sonar; Deeper SAST

In this interview, Sonar CEO & co-founder Olivier Gaudin, and Sonar Head of R&D Johannes Dahse, discuss the announcement of deeper SAST and what is Clean Code.

Listen now >

CRN

20 Hottest New Cybersecurity Tools At Black Hat 2023

In this article, vendors showcasing new products are highlighted. Sonar's deeper SAST is featured at number 12.

Read more >

Help Net Security

New infosec products of the week: August 4, 2023

In this article, Help Net Security takes a look at the most interesting products from the week of August 4th, including Sonar's deeper SAST.

Read more >

VMblog

Sonar's New, Powerful Deep-Analysis Capability Finds Hidden Code Level Security Issues

Sonar announced a significant advancement of its Clean Code offering - developers can now automatically discover and fix code security issues with deeper SAST.

Read more >

SD Times

Sonar new SAST tool includes support for thousands of open-source libraries

In this article, Sonar's announcement of deeper SAST is featured. The update to the Sonar platform makes it easier for developers to write Clean Code.

Read more >

Help Net Security

Sonar's new deep-analysis capability discovers and fixes code security issues

Sonar announced a significant advancement of its Clean Code offering – developers can now automatically discover and fix code security issues arising from interactions between user source code and third-party, open-source libraries.

Read more >

The New Stack

Bad Code Stalls Developer Velocity

Sonar's Head of Developer Relations, Peter McKee, covers how a Clean as You Code approach ensures quality cod is developed quickly, without having to backtrack to remediate old errors.

Read more >

The New Stack

What is Clean Code?

Sonar VP of Product, Fabrice Bellingard, details how embracing Clean Code principles enables organizations to enhance the efficiency of their DevOps workflow.

Read more >

Security Week

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely, according to Sonar's vulnerability research team.

Read more >

Dark Reading

Meet the Finalists for the 2023 Pwnie Awards

Sonar vulnerability researchers Thomas Chauefoin and Stefan Schiller receive Pwnie Awards nominations for research on vulnerabilities in Check_mk, and the security of the PHP supply chain and Composer.

Read more >

The Cyberwire

It pays to malvertise. MOVEit vulnerability remediation. Ransomware trends. FSB cyberespionage. Influence operators taken down.

The Cyberwire Daily Briefing newsletter highlights new original research from Sonar that spotlights the millions of dollars businesses lose when they fail to implement an optimal approach for software development.

Read more >

Dark Reading

Apache OpenMeetings Wide Open to Account Takeover, Code Execution

Sonar threat researcher Stefan Schiller shares insights on the three security vulnerabilities found in Apache OpenMeetings.

Read more >

The Hacker News

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

Sonar research team finds multiple security flaws in Apache OpenMeetings that could be potentially exploited to seize control of admin accounts and run malicious code on susceptible servers.

Read more >

RT Insights

In the Era of Modern Apps, Clean Code is Key to Customer Satisfaction

Sonar VP of Products, Fabrice Bellingard, shares how embracing Clean Code practices guarantees that developers can create modern apps that deliver.

Read more >

DZone

Why ORMs and Prepared Statements Can't (Always) Win

Sonar Vulnerability Researcher, Thomas Chauchefoin, writes about several SQL injection vulnerabilities discovered in Soko, a software deployed on the Gentoo Linux infrastructure.

Read more >

The Hacker News

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

Sonar research team uncovers multiple SQL injection vulnerabilities in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems.

Read more >

Security Affairs

Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

Sonar researchers identify two SQL injection vulnerabilities in Gentoo Soko that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems.

Read more >

DevOps Digest

Clean Code and Software Development: Maximizing Efficiency and Maintainability in Uncertain Times

Sonar's Head of R&D, Johannes Dahse, details two ways that Clean Code can help address current challenges developers face today.

Read more >

InformationWeek

DOS Won’t Hunt: Is AI Better Than Low Code/No Code for Developers?

Sonar CEO Olivier Gaudin brings up some points to consider as generative AI becomes part of the software development cycle.

Read more >

DEVOPSdigest

Cleaning as You Code Is the Only Way to Truly Shift Left

In this article, Sonar's Head of R&D covers how to truly shift left, developers must be able to clean-as-they-code.

Read more >

SecurityWeek

Pimcore Platform Flaws Exposed Users to Code Execution

In this article, Sonar's R&D team warns that newly patched vulnerabilities in the Pimcore platform bring code execution risks.

Read more >

DZone

How the Wrong Content Type Introduced a Vulnerability in Odoo

In this article, Sonar's R&D team provides an overview of content types and how a minor error resulted in a vulnerability in Odoo.

Read more >

BuiltIn ATX

Companies Fostering a Sense of Belonging During Onboarding

BuiltIn Austin asked SonarSource, LogicMonitor, Tecovas, Episode Six and Semrush how they make new hires feel welcome.

Read more >

Agile Noir

Clean as You Code with SonarQube Server

In part three of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about the importance of code quality and how SonarQube Server can help developers maintain clean code.

Read more >

DZone

Empowering Weak Primitives: File Truncation to Code Execution With Git

In this article, SonarSource's R and D team discusses how they discovered a code vulnerability that allows you to truncate arbitrary files to execute arbitrary commands.

Read more >

BuiltIn ATX

Hiring Now: Sonar Is Building a Team That’s Passionate About Clean Code

This Austin company is building out a team of tech professionals who are passionate about clean code.

Read more >

Agile Noir

SonarQube Server Helps Development Teams Clean their Code

In part two of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about how SonarQube Server helps developers clean their code.

Listen Now >

Agile Noir

Why 7 million developers have their code analyzed by SonarQube Server

In part one of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about why developers have their code analyzed by SonarQube Server.

Listen Now >

DZone

Malicious Message Leading To E-Commerce Takeover

In this article, Sonar's research and development team presents the root cause analysis of two Cross-Site Scripting bugs.

Read More >

Devops

Avoiding Developer Burnout With Clean Code Best Practices

Employee burnout is common in the tech industry, especially for developers. In fact, 83% of software developers feel burnt out from their work and of those, nearly half of them feel...

Read More >

CyberNews

Southwest Airlines incidents prove companies need to deal with technical debt – now

Thousands of US organizations are running on outdated software. This kind of failure to address technical debt is a recipe for a disaster – and it’s already costing trillions. Clean as You Code to the rescue.

Read More >

Website Planet

Meet SonarSource: Top-Class Solutions For Code Quality Management

Check out this interview with Manish Gupta, CMO at SonarSource, a leading provider of clean code solutions. The interview covers the company’s story, the benefits of using clean code when building websites, and what’s in the future of coders with the recent developments in AI technology.

Read More >

Venture Beat

Source Code Must Become a C-level Priority

Organizations have long realized how important their software is to their business. But they’re now fully realizing just how critical their software’s source code is. Sonar's CEO, Olivier Gaudin, explains.

Read More >

Help Net Security

SonarQube Server 9.9 LTS Empowers Organizations to Boost the Quality of Their Code

Sonar has launched SonarQube Server 9.9 Long-Term Support (LTS) that empowers organizations to achieve the Clean Code state securely and at scale.

Read More >

VM Blog

Sonar Launches SonarQube Server 9.9 LTS to Help Organizations Achieve a State of Clean Code

Sonar has launched SonarQube Server 9.9 Long-Term Support (LTS). The new release empowers organizations to achieve the Clean Code state quickly, securely, and at scale.

Read More >

Journal of Cyber Policy

Sonar Launches SonarQube Server 9.9 LTS to Help Organizations Achieve a State of Clean Code

SonarQube Server 9.9 LTS offers accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.

Read More >

DevOps Digest

SonarSource Launches SonarQube Server 9.9 LTS

Sonar’s latest 9.9 LTS release introduces key capabilities to enable enterprises to build better software in a sustained manner - with accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.

Read More >

SD Times

SonarQube Server 9.9 LTS Helps Organizations Produce Clean Code

Sonar’s release of SonarQube Server 9.9 Long-Term Support (LTS) aims to help organizations clean their code quickly with accelerated pull request analysis, support for building and deploying secure cloud-native applications, and more.

Read More >

Spiceworks

Retain Your Development Talent with The Power of Clean Code

Employee burnout is very common in the technology industry, especially for developers. However, companies can avoid developer burnout with the power of clean code practices, explains Fabrice Bellingard, VP of products at SonarSource.

Read More >

Make Use Of

What Is SonarQube Server? 5 Key Features for Programmers

Many tools and platforms are available in the programming world, and here’s one you should add to your toolbox: SonarQube Server. The following key features of SonarQube Server will help you to overcome your coding difficulties and improve your programming skills.

Read More >

App Developer Magazine

Why Sonar is Growing So Much

Announcing record growth in developer and enterprise customer adoption in FY22, Sonar has added 5,000 paying customers in 11 months, supporting 21,000 enterprise customers including over 75% of Fortune 100 and nearly half of Fortune 500 companies.

Read More >

CPO Magazine

Protect Developer Tools Against Growing Vulnerability Threat

Over the past couple of years, developers have been increasingly targeted by attackers, with dozens of events occurring. These bad actors are targeting devs with the tools they depend on to build code.

Read More >

The Empathetic Marketer

[Podcast] Increasing Audience Reach Using Effective Marketing Strategies with Manish Gupta

Listen as Manish Gupta, Chief Marketing Officer at Sonar, talks about creating intent-based campaigns to get your message across to audiences that are increasingly sensitive to overused marketing ploys.

Listen Now >

Techstrong

[Video] Critical Vulnerabilities in the IT Monitoring Tool

Watch as Stefan Schiller, a vulnerability researcher at SonarSource, explains how SonarSource determined an attacker can escalate to the Checkmk automation user by exploiting an authenticated arbitrary file read in NagVis.

Read More >

Devopsdigest

2023 DevOps Predictions - Part 3

Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2023 - including source code as a key strategic asset.

Read More >

The New Stack

Interest Growing in Dart and Flutter for Mobile

Dart and Flutter are finally getting their day as more software engineers explore using Flutter for mobile app development.

Read More >

Enterprise Security Tech

Exec Threat Overview: CVE-2022-30129

Johannes Dahse, Head of R&D at Sonar, explains a Remote Code Execution vulnerability (CVE-2022-30129) that was discovered in one of the most popular IDEs: Visual Studio Code.

Read More >

Console.Dev

Interview with Olivier Gaudin

CEO of Sonar, Olivier Gaudin, speaks to console.dev about getting into software, the beginnings of Sonar, the company structure, development challenges, tools, clean code, and more!

Read More >

Computer Weekly

SonarSource: Google’s Carbon language is a successor, not a replacement, for C++

Phil Nash explains that, despite popular belief, Google’s open source Carbon programming language is not a strict replacement for C++. The important distinction is that it is intended to be used alongside C++.

Read More >

DZone

JavaOne 2022: Java Continues to Evolve

The Java development team looks at the evolution of hardware and software to innovate and maintain its relationships with the developer community, and insights from the 2022 JavaOne conference.

Read More >

BetaNews

[Q&A] How Clean Code Can Help Developers Prevent Vulnerabilities

Every year, thousands of code vulnerabilities are discovered, patched, and publicly disclosed to improve security for current and potential users. What can developers do to write better code that prevents vulnerabilities from entering their apps and services in the first place?

Read More >

Techstrong

[Video] C++ and the Carbon Programming Language

Watch as Phil Nash, one of the original authors of the C++ test framework and a software engineer for SonarSource, explains how the Carbon programming language created by Google intertwines with C++

Read More >

CRN

Sonar expands the Clean Code movement to Asia Pacific

The leading platform for Clean Code will grow its user community and customer base across the entire region including ASEAN, ANZ, South Korea, China, and India.

Read More >

Dev Insider

[German] 10 unbekannte Sicherheitslücken in Python

Viele Entwickler nutzen Python und vertrauen darauf, dass es einen soliden Security-Level bietet.

Read More >

Bleeping Computer

Zimbra Bug Allows Stealing Email Logins with No User Interaction

Technical details have emerged on a high-severity vulnerability affecting certain versions of the Zimbra email solution that hackers could exploit to steal logins without authentication or user interaction.

Read More >

TechZone360

5 Development Tools Every Tech Engineer Should Have Access To

As a tech engineer, it is vital to have access to the right tools so you can create innovative products that make our lives easier. This blog post will discuss five development tools that every tech engineer should access!

Read More >

Techcrunch

Sonar raises $412M to scan codebases for bugs and vulnerabilities

Sonar, whose technology detects reliability and vulnerability issues in code, announced a funding round leading to a $4.7 billion valuation.

Read More >

Reuters

Coding platform Sonar valued at $4.7 bln after latest funding

Sonar intends to use the funds to double its salesforce this year and expand the company's marketing team across its international offices...

Read More >

MA RTS

[French] La start-up genevoise Sonar lève 412 millions et devient "quadruple licorne"

L'entreprise informatique genevoise Sonar a annoncé une capitalisation de 4,7 milliards de dollars, avec l'arrivée de nouveaux investisseurs américains.

Read More >

Austin American-Statesman

Software company has big plans for Austin, aims to double employee count

Sonar, which operates its U.S. headquarters in Austin, says it is gearing up for growth in Austin after landing a significant infusion of capital...

Read More >

SecurityWeek

CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool

The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution.

Read More >

The Record

Unpatched bug allows takeover of Horde webmail accounts, servers

Discovered by Sonar vulnerability researcher Simon Scannell, the vulnerability has existed in the Horde webmail app since late 2012...

Read More >

  • Legal documentation
  • Trust center
  • Follow SonarSource on Twitter
  • Follow SonarSource on Linkedin

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.