WHITE PAPERS
Read and download our in-depth articles on code quality
A developers guide to AI-assisted software development
This guide focuses on the application of Large Language Models (LLMs) specifically used for code generation and not their use in other domains.
7 habits of highly effective AI coding
AI is transforming development, but are you getting real velocity? Despite AI generating 30%+ of new code at companies like Google, productivity gains are often minimal.
Read White paper >
The State of Code: Reliability report
Sonar’s first report in its State of Code series provides a data-driven look into the practices and pitfalls found across 7.9 billion lines of code from over 970,000 developers who trust Sonar for analysis.
Read White paper >
SonarQube for Federal Agencies: A Guide to Complying with AI Policies in Code Development
This guide will explore the key requirements of each memorandum and show how SonarQube delivers practical, actionable solutions for federal agencies using AI in their code development processes.
Read White paper >
Deep Dive into AI Agents for Software Dev Guide
At the heart of modern technology, there's a growing presence of intelligent systems known as AI agents. But what exactly are they?
Read White paper >
How to Protect AI-Generated Code Quality
The integration of artificial intelligence (AI) into software development has propelled the industry into a new era of promises for speed and innovation.
Read White paper >
Sonar: a powerful ally in meeting NIST SSDF code security requirements
Using SonarQube for IDE with SonarQube Server or SonarQube Cloud helps you follow the best practices laid out in the NIST SSDF to meet code security requirements.
Read White paper >
The algorithmic reformation: AI agents are rewriting the SDLC playbook
Imagine agents powered by advanced neural networks, moving beyond simple task automation to become genuine collaborators in software development.
Read White paper >
How the OWASP LLM Top 10 Applies to Code Generation
With the rapid growth in generative AI (GenAI) and large language models (LLMs), new security risks have emerged. Developers of LLM-based apps are responsible for addressing those security risks. However, the newness of the LLM and GenAI space makes understanding and mitigating these risks more challenging than well-established domains like web application security.
Read White paper >
AI code generators guide for executives & c-suite
Software development is transforming from conventional manual coding to a new era driven by generative AI technology.
Read White paper >
The costly consequences of bad code for the enterprise
Addressing bad code requires a holistic approach, integrating procedural measures and a cultural shift towards clean coding practices. Organizations that prioritize these principles enhance software resilience, mitigate risks, and fortify their reputation and financial stability.
Read White Paper >
Lesser Spotted React Mistakes and How to Avoid Them
There are small, but common pitfalls and errors encountered when writing React code. Learn more about how to avoid them with code examples designed to be cut, pasted, and tried by the reader, whether an experienced JavaScript | TypeScript developer or just starting out.
Read White Paper >
Omdia: On the Radar
In this paper, Omdia provides research notes to outline two of our recent and significant innovations that address the quality and security issues that inevitably arise as application code is being developed - “Deeper” SAST and automatic analysis of C and C++ projects.
Read White Paper >