SONAR COVERAGE

The latest in clean code coverage

News articles covering Sonar, Clean Code, research from the Sonar R&D team, Sonar executive perspective, and more

INC.

4 Leadership Lessons From a $200 Million, Fast-Growing, Profitable Startup

Adapt your business model to scarce capital, build on your strengths, and overcome your weaknesses.

Read more

InformationWeek

Should Today’s Developers Be More or Less Specialized?

Sonar CIO Andrea Malagodi comments on how having a broader skillset can be an advantage in building a software development career.

Read now >

DEVOPSdigest

Sonar Introduces SonarCloud Enterprise and Team Plans

New SonarCloud plans ensure developer teams can leverage it as their needs grow, to continuously reduce risk exposure at all levels and sustain software performance, growing business through systematic development and delivery.

Read now >

Security Boulevard

Now Introducing, SonarCloud Enterprise and SonarCloud Team

Sonar launches Enterprise and Team plans for its SaaS offering SonarCloud, empowering development teams of all sizes to deliver Clean Code with confidence.

Read now >

Expert Insights

The Top 10 Application Security Testing Solutions

Sonar is listed as a top 10 solution for its ability to enhance readability of both AI-generated and human-written code, as well as its integration capabilities.

Read now >

InfoWorld

How to choose the right low-code, no-code, or process automation platform

Sonar's VP of Developer Relations and Community comments on using low- or no-code platforms for software development.

Read now >

DZone

AI vs. Human: Who Detects Bugs Better?

SonarQube is noted as a popular solution to detect bugs in AI-generated code with its static code analysis capabilities.

Read now >

The New Stack

Back to the Basics: Understanding Source Code

Sonar Product Manager, Robert Curlee, covers the importance of quality, secure code and the logic and design patterns of coding principles.

Read now >

CIO

5 IT risks CIOs should be paranoid about

Sonar's CIO, Andrea Malagodi, comments on how AI risks can worsen the problem of bad code by not prioritizing quality.

Read now >

Software Engineering Daily

C++ Static Analysis with Abbas Sabra

Sonar Principal Engineer Abbas Sabra talks with the host of Software Engineering Daily about static code analysis and C++ and new Sonar features such as auto-configuration.

Read now >

InformationWeek

Is GenAI an Existential Risk to Low Code/No Code?

Sonar's VP of Developer Relations and Community comments on the power of LLMs and Artificial General Intelligence (AGI).

Read now >

Built In

What Is an Integrated Development Environment (IDE)?

Sonar Developer Advocate Quazi Nafiul takes it back to basics, covering what an IDE is and how to pick the right one.

Read now >

The Hacker News

Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service

Sonar Vulnerability Research team unveils four discovered security flaws in Gogs that could permit an attacker to execute arbitrary commands.

Read now >

SC Media

Gogs vulnerabilities may put your source code at risk

While analyzing Gogs, a solution for self-hosting source code, the Sonar Vulnerability Research team discovered four flaws that could enable attackers to steal, modify or delete valuable source code.

Read now >

The New Stack

5 Clean Code Tips for Reducing Complexity

Sonar product manager John Clifton covers how reducing cognitive complexity is key to helping write secure, maintainable, and reliable code.

Read now >

The Channel Pro Network

Channel Career Tracker: Q2 2024

Sonar's President of Field Operations, Lynne Doherty, is highlighted among other channel industry leaders, noted for her outstanding record leading high-performing GTM organizations.

Read now >

Built In

40 Software Companies in London to Know

Sonar is noted by Built In as a London software company that's driving progress across industries.

Read now >

Security Boulevard

The True Cost of Bad Code in Software Development

How does bad code impact organizations and how can it be overcome? With proactive measures and the right solutions, such as SonarQube.

Read now >

The New Stack

Technical Debt Continues To Mount – Here’s How To Solve It

How can technical debt be addressed? With a culture of clean code – promote continuous improvement that streamlines workflows and gives stakeholders insight to make informed decisions.

Read now >

Security Boulevard

SonarQube 10.6 Release Announcement

The SonarQube 10.6 release includes significant changes such as autoscaling in Kubernetes, auto-configuration for C and C++ projects, the ability to run the solution in a FIPS-enforced environment, and more.

Read now >

Built In

21 Tech Companies in Singapore to Know

Built In recognizes Sonar as a prominent company in Singapore, along with other well-known companies, such as Amazon and Razer.

Read now >

InformationWeek

Delving Into the Risks and Rewards of the Open-Source Ecosystem

Open source software fuels the digital world, but how can enterprises manage its risks? Sonar Developer Advocate comments on how open source technologies are the foundations of the digital world.

Read now >

SC Media

Arbitrary code execution likely with Mailcow vulnerabilities

Two medium-severity vulnerabilities were found in Mailcow by Sonar's Vulnerability Research team.

Read now >

The Hacker News

Mailcow Mail Server Flaws Expose Servers to Remote Code Execution

Sonar Vulnerability Research team discovers two security vulnerabilities in the Mailcow open source mail server suite that could be exploited by malicious actors.

Read now >

TechStrong.ai

AI Leadership Insights: Clean Code

Sonar Head of Developer Relations and Community shares insight around the value of Clean Code in the age of AI.

Read now >

TechZine

Sonar developer lead: Programming past the pitfalls with AI-generated code

Sonar Head of Developer Relations and Community discusses how AI can unlock developer bandwidth, but only when generated code is properly checked.

Read now >

Cloud Native Now

Docker Survey Surfaces Complex Application Development Landscape

Survey by Docker finds that SonarQube is one of the most widely used security tools for application development.

Read now >

SDxCentral

Sonar and AWS Expand Collaboration to Drive Adoption of Clean Code Practices

Sonar has furthered its AWS partnership with the integration of SonarCloud with Amazon CodeCatalyst, in addition to achieving AWS FTR certification.

Read now >

SD Times

SonarCloud integrates with Amazon CodeCatalyst to promote Clean Code practices

SonarCloud is integrated with Amazon CodeCatalyst to help improve the development process for cloud-based applications.

Read now >

InfoWorld

Advanced CI/CD: 6 steps to better CI/CD pipelines

Sonar Head of Developer Relations and Community comments on the need to combine unit testing and static code analysis for better DevOps.

Read now >

CIOReview

Sonar Delivers Clean Code Solution SonarQube Through Google Cloud Marketplace

Sonar makes its self-managed solution SonarQube available on Google Cloud marketplace, enabling companies to accelerate DevOps transformation in the cloud and more.

Read now >

DEVOPSdigest

SonarQube Now Available on Google Cloud Marketplace

SonarQube is now available on Google Cloud Marketplace, enabling organizations to accelerate DevOps, modernize software development workflows, and deliver higher-quality, secure applications.

Read now >

Tech World with Milan

Enabling High-Quality Code in .NET

SonarQube is listed as a go-to tool for ensuring high-quality code.

Read now >

Built In

Sonar Makes SonarQube Available on Google Cloud Marketplace

SonarQube becomes available on Google Cloud Marketplace to support developers in their pursuit of continuous Clean Code, whether human-written or AI-generated.

Read now >

Built In

20 Featured Companies Moving Ahead in 2024

Recent Sonar updates are highlighted, including SonarQube 10.5 and being involved in the Department of Commerce consortium on AI safety.

Read now >

ChannelE2E

Sonar Puts Focus on Channel with New Executive

Sonar President of Field Operations, Lynne Doherty, talks about Sonar's shift from product-led growth to GTM.

Read now >

CMSwire

Can Traditional Web Development Survive AI?

Sonar Head of Developer Relations & Community, Peter McKee, comments on the impact of genAI in web development.

Read now >

Security Boulevard

Sonar Named Leader in G2 Spring Report

Sonar receives recognition as a LEADER in Static Code Analysis by G2.

Read now >

Built In

25 Companies Hiring Software Engineers

Sonar is featured for the number of engineering job openings in several departments.

Read now >

InfoWorld

12 principles for improving devsecops

Sonar Head of Developer Relations and Community, Peter McKee, comments on why developers should integrate static code analysis into their workflow to bolster QA efforts.

Read now >

CIOReview

Sonar: The Clean Code Leader

Sonar's CIO, Andrea Malagodi, discusses Sonar's philosophy and its Clean Code methodology.

Read now >

The New Stack

Spring Framework Has Three Major Pitfalls — Here’s What To Do

Jonathan Vila, Sonar Developer Advocate, covers Spring features that aid in the development process, and why it’s vital to understand the framework's limitations and drawbacks.

Read now >

SC Media

Why quality source code has become more important than ever in the AI era

Harry Wang, Sonar's VP of Strategic Partnerships, writes about how companies can ensure their software adheres to new standards and legal requirements by looking closely at their source code.

Read now >

Corporate Board Magazine

What To Ask About AI

Tariq Shaukat, co-CEO of Sonar, shares his views on AI and the need for companies to have acceptable use-case policies.

Read now >

Austin Monthly

Austin Is Becoming a Major Player in AI Innovation and Regulation

Sonar co-CEO, Tariq Shaukat, is quoted on the importance of putting guardrails around AI without stifling innovation.

Read now >

InfoWorld

10 principles for creating a great developer experience

Sonar Developer Advocate Jonathan Vila comments on the necessity of checking code generated by AI before adding it to repositories to ensure the best value is extracted from AI without compromising the codebase.

Read now >

The New Stack

7 Tips for Fostering Stronger Communication in Outsourced Projects

Sonar's Liz Ryan writes about the importance of proper communication in projects and seven key approaches teams can take.

Read now >

L'Agefi

Lynne Doherty appointed head of operations at Sonar

Lynne Doherty joins Sonar as President of Field Operations.

Read now >

Built In

Sonar Appoints New President of Field Operations

Lynne Doherty is interviewed about her role as Sonar's President of Field Operations.

Read now >

Channel Futures

Sumo Logic Vet Hits 'Job Lottery' with Role at Sonar

Sonar's President of Field Operations, Lynne Doherty, discusses her plans in her role and how joining the Clean Code leader is a 'full circle' moment for her having started her career as a developer.

Read now >

The New Stack

Preventing Scope Creep: Guide for Managing Outsourced Teams

Strategies businesses can use to prevent scope creep and achieve success for all parties involved.

Read now >

Built In

Leadership Transitions Have Huge Impact on Long-Term Productivity. Here’s How Two Austin Companies are Navigating the Change.

Sonar's CHRO, Clarissa O'Connell, talks about her role and how she's supporting the company in its mission to change the development world.

Read now >

InformationWeek

How Developers of All Skill Levels Can Best Leverage AI

Sonar's Head of Developer Relations and Community writes about the need to use coding assistants wisely, being mindful of skill level.

Read now >

HR Executive

The HR strategies this tech CHRO says will drive global growth

Sonar's CHRO, Clarissa O'Connell, shares how she leads her team and is revamping how HR is done.

Read now >

Built In

63 Cloud Companies You Should Know

Sonar is listed as a cloud company to know.

Read now >

The New Stack

How Generative AI Coding Assistants Increase Developer Velocity

Sonar's Manish Kapur covers how generative AI coding assistants have the power to transform the development process when used correctly with a Clean Code approach.

Read now >

IEEE Spectrum

AI Coding Is Going From Copilot to Autopilot

Sonar Developer Advocate comments on generative AI coding assistants and the benefits they can bring to developers.

Read now >

The New Stack

AI Code Generation: 6 FAQs for Developers

AI code generation is useful, but what's the catch? Sonar's Manish Kapur writes on this and the need for static code analysis.

Read now >

InfoWorld

Avoiding the dangers of AI-generated code

Sonar Developer Advocate discusses generative AI and the importance of ensuring that all code is analyzed, tested, and reviewed.

Read now >

The New Stack

How to Prevent Secrets from Creeping into Code

In this article, Sonar's Robert Curlee shares why it's best to catch secrets at the very beginning of the development workflow (in the IDE), and how Sonar can help.

Read now >

Forbes

Using GenAI For Coding? How To Leverage It Wisely And Well

In this article, Sonar founder and co-CEO Olivier Gaudin gives his thoughts on why AI-generated code must be given the same scrutiny as human-written code.

Read now >

Techopedia

CISA’s Attestation Form: What Software Suppliers Can Do to Meet Compliance

In this article, Sonar VP of Strategic Partnerships and other industry leaders share their perspectives on the new attestation form for software suppliers introduced by CISA.

Read now >

CIO.com

How CIOs navigate generative AI in the enterprise

In this article, Sonar CIO Andrea Malagodi shares his perspective on AI - alongside other industry leaders - saying how CIOs and CTOs must take the necessary steps to ensure AI-generated code is clean.

Read now >

DZone

The Cost of Ignoring Static Code Analysis

Peter McKee, Sonar Head of Developer Relations & Community, shares why unit testing and static code analysis together play a vital role in creating quality software.

Read now >

Corporate Board Member

Get Your People AI Ready: 3 Key Ideas

In this article, highlights are shared from the Directors Forum in Dallas with speakers, Tariq Shaukat, Sonar co-CEO, and Florin Rotar, Chief AI Officer of Avanade.

Read now >

Beta News

How clean code can bridge the developer and security divide

Stefan Schiller, Sonar Vulnerability Researcher, details how marrying a “shift left” mentality with the “Clean as You Code” methodology can better satisfy demands on developers and SecOps alike to work faster, ship more features, and address security issues.

Read now >

The New Stack

How Static Analysis Can Save Your Software

How using static analysis, especially in C++ projects, can help your team achieve success and ensure top quality software.

Read now >

Techopedia

Pros & Cons of AI Coding Assistants: Speed vs Quality

Peter McKee, Sonar Head of Developer Relations & Community, suggests developers may need to introduce code-scanning tools into their development journey to mitigate potential GenAI coding errors.

Read now >

Financial Times

FT 1000: the eighth annual ranking of Europe’s fastest-growing companies

Sonar receives inclusion in the Financial Times 1,000, which highlights Europe-based companies showing the strongest revenue growth over a three-year period.

Read now >

Forbes

How We’ll Be Interacting With AI As It Takes On More Work

Sonar Head of Developer Relations & Community, Peter McKee, shares his perspective about how AI is an "under-the-covers knowledge foundation."

Read now >

The New Stack

5 Risks of Outsourcing Development and How to Avoid Them

A look at some of the most significant outsourcing-based pitfalls and how companies can best mitigate them to continue producing high-quality, business-critical software at top speed and lower cost.

Read now >

Dark Reading

Joomla XSS Bugs Open Millions of Websites to RCE

Sonar Vulnerability Research Team discovered that one fundamental flaw, tracked as CVE-2024-21726, is at the heart of the issues affecting Joomla's core filter component.

Read now >

Reworked

Managers Need to Get Better at Discussing Employee Well-Being. Here's How

Sonar's CHRO, Clarissa O'Connell, shares her perspective on how middle managers can be supported with the right tools and resources in place.

Read now >

The New Stack

Unraveling the Costs of Bad Code in Software Development

Sonar's Liz Ryan shares that, while the consequences of bad code can’t be underestimated, they must be mitigated to ensure business success.

Read now >

DevOps.com

Software Development in the Age of AI: How to Balance Quality and Speed

As AI code generators gain popularity, Sonar's Peter McKee covers how companies have to put safeguards in place to harness the technology, for boosting productivity and quality outputs.

Read now >

SD Times

The Importance of Prevention: How Shifting Left, Static Analysis and Unit Testing Create Better Code Quality

Sonar Head of Developer Relations & Community, Peter McKee, shares how developer teams must take a shift-left on quality approach, employing both unit testing and static analysis.

Read now >

The Tech Trek

Software is Eating the World and AI is Accelerating It

In this Tech Trek podcast episode, Tariq Shaukat, co-CEO at Sonar, is interviewed about the impact of software and AI on companies.

Listen now >

Security Boulevard

Write cleaner React code with SonarQube 10.4

SonarQube 10.4 was recently released and, between 10.3 and 10.4, 48 new rules and one updated rule were released to help write clean code in React applications.

Read now >

InfoWorld

10 ways generative AI will transform software development

Peter McKee, Sonar Head of Developer Relations & Community, shares how a Clean as You Code approach ensures quality AI-generated code.

Read now >

BuiltIn Austin

US AI Safety Institute Consortium Established to Ensure Safe AI Innovation

Sonar joins over 200 AI stakeholders to support the development and deployment of safe, trustworthy AI.

Read now >

BuiltIn Austin

56 Software Companies in Austin You Should Know

Sonar is highlighted for its strides in enabling companies to develop Clean Code with its solutions SonarLint, SonarQube, and SonarCloud.

Read now >

Austin Business Journal

Austin tech companies made 20-plus key hires in January

New Sonar CHRO, Clarissa O'Connell, is featured amongst other hires at top Austin-based companies.

Read now >

Bilanz

These young Swiss companies are just taking off

Sonar is highlighted amongst other Switzerland-based scale-ups for its successful growth as the Clean Code market leader.

Read now >

The New Stack

The Trouble with Nesting Ternaries in JavaScript

Sonar Developer Advocate and JavaScript expert, Phil Nash, covers why nesting ternaries is an issue and what developers can do to eliminate the practice to produce Clean Code.

Read now >

The New Stack

7 Java Mistakes to Conquer

Sonar Developer Advocate, Jonathan Vila, dives into the most common errors in Java projects.

Read now >

SecurityWeek

Critical Jenkins Vulnerability Leads to Remote Code Execution

A critical vulnerability in Jenkins’ built-in CLI, discovered by Sonar's Vulnerability Research team, allows remote attackers to obtain cryptographic keys and execute arbitrary code.

Read now >

The Hacker News

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!

Sonar Vulnerability Research team discovers several security flaws in Jenkins.

Read now >

insideBIGDATA

Heard on the Street – 1/25/2024 - insideBIGDATA

Sonar co-CEO Tariq Shaukat discusses the importance of taking a "trust, but verify" approach when using code generated by AI.

Read now >

SolutionsReview

Data Privacy Week 2024: The Definitive Roundup of Expert Quotes

Sonar CIO Andrea Malagodi shares how data privacy today is turning into an old challenge with "new clothes" thanks to AI.

Read now >

The New Stack

The Case for 'Shifting Right'

What shifting right means and the importance of balancing shift left and shift right

Read now >

DEVOPSdigest

2024 DevSecOps Predictions - Part 2

Sonar team members share their perspectives on what is to come this year with DevSecOps trends.

Read now >

VMblog

Data Privacy Week 2024 - Cybersecurity Experts Share Security Tips

Sonar CIO Andrea Malagodi shares his perspective on what companies should keep in mind for 2024 Data Privacy Week.

Read now >

Datanami

2024 GenAI Predictions: Part Deux

Sonar Developer Advocate Phil Nash is quoted on his prediction that this year, the industry will see an overconfidence in GenAI code that will lead to generated AI vulnerabilities.

Read now >

Agenda

New EU AI Rules Will Have Global Impact

Sonar co-CEO Tariq Shaukat is quoted on the subject of the need for every company to have an AI acceptable use policy.

Read now >

Hackernoon

Unlocking Developer Productivity: The Key Is AI + Clean Code

Sonar's Head of Developer Relations & Community, Peter McKee, covers how AI is affecting software development and how to mitigate risks with it.

Read now >

BuiltIn

100 Best Places to Work in Austin, TX in 2024

Sonar is highlighted by BuiltIn in the top 100 Best Places to Work in Austin, TX.

Read now >

SD Times

A guide to security testing tools

In this article, Sonar and its solutions SonarLint, SonarQube, and SonarCloud are highlighted for their ability to ensure Clean Code.

Read now >

Security Boulevard

Securing Networks: Addressing pfSense Vulnerabilities

In this article, recent findings by Sonar's vulnerability research team within the widely used open-source Netgate pfSense firewall solution are covered.

Read now >

LeadDev

Effectively managing junior developers on remote teams

In this article, Sonar's Head of Developer Relations & Community, Peter McKee, shares his advice on how to help junior developers grow their careers in a remote environment.

Read now >

eSecurity Planet

5 Major Cybersecurity Trends to Know for 2024

In this article, Sonar Developer Advocate Phil Nash shares his prediction for what's to come with AI in 2024.

Read now >

Safety Detectives

Interview With Fabrice Bellingard - VP of Product at Sonar

SafetyDetectives recently interviewed Fabrice Bellingard, the VP of Product at Sonar, delving into the key features of SonarLint, SonarQube, and SonarCloud.

Read now >

Database Trends and Applications

Sonar Debuts Secrets Detection for Mitigating Sensitive Information Leaks

In this article, Sonar's announcement of Secrets Detection for SonarLint, SonarQube, and SonarCloud is covered.

Read now >

IT Brew

Asking around: How will generative AI impact the workplace?

In this article, Sonar Developer Advocate Quazi Nafiul Islam shares his thoughts on the impact of generative AI in the workplace.

Read now >

DEVOPSdigest

2024 DevOps Predictions - Part 8

In this article, Sonar Developer Advocates share their predictions for 2024 trends.

Read now >

Bleeping Computer

Over 1,450 pfSense servers exposed to RCE attacks via bug chain

Sonar researchers with the aid of SonarCloud discovered three flaws impacting pfSense 2.7.0 and older and pfSense Plus 23.05.01 and older.

Read now >

Forbes

6 Predictions About Cybersecurity Challenges In 2024

In this article, Sonar Vulnerability Researcher Stefan Schiller is quoted for his 2024 prediction around hackers leveraging AI.

Read now >

The New Stack

Arming Developers with the Power of Clean Code

In this article, the benefits of following Clean Code standards to ensure a reliable, maintainable, and secure codebase are covered.

Read now >

Solutions Review

59 Data Protection Predictions from 33 Experts for 2024

In this article, Sonar Vulnerability Researcher Thomas Chauchefoin shares his 2024 prediction - AI-Assisted attacks to become more sophisticated and automated.

Read now >

Solutions Review

The Definitive Guide to Artificial Intelligence Predictions for 2024

In this article, several predictions from Sonar team members are highlighted amongst other industry experts on topics such as AI-generated code and cybersecurity.

Read now >

Unite.AI

Peter McKee, Head of Developer Relations at Sonar – Interview Series

In this article, the benefits of genAI and the drawbacks to consider are covered, along with the need to apply Clean Code best practices to AI-generated code.

Read now >

The New Stack

AI Will Create Demand and Empower Developers, Not Replace Them

In this article, the benefits of genAI and the drawbacks to consider are covered, along with the need to apply Clean Code best practices to AI-generated code.

Read now >

VMblog

Sonar 2024 Predictions: 6 Experts on the Future of Coding in the Age of AI

In this article, several predictions from Sonar team members are highlighted on topics such as genAI, security, and coding languages.

Read now >

The New Stack

The Highs and Lows of Low-Code Tools

In this article, pros and cons of low code are discussed, and the need to always keep Clean Code best practices in mind.

Read now >

DevOps.com

DevOps Dozen² 2023 Finalists Announced

Sonar is announced as a finalist for the DevOps Dozen Awards in the Best Testing Service/Tool category.

Read now >

Futuriom

FUTURIOM 50: THE 2023 STANDOUTS

Sonar is included on Futuriom's 50 list of the strongest private companies in key markets for cloud and communications infrastructure.

Read now >

DZone

Security Vulnerabilities in CasaOS

Sonar's Vulnerability Research team uncovered two critical code vulnerabilities in the personal cloud system CasaOS.

Read now >

Dice

'Tech Connects' Podcast: The Future of Clean Code

Tariq Shaukat, Sonar co-CEO, speaks with 'Tech Connects' host about how more companies are becoming software companies and the impact of genAI.

Listen now >

Digital Journal

This month the code word is ‘cybersecurity’

Sonar founder and co-CEO, Olivier Gaudin, is quoted about the need for business leaders to prioritize Clean Code as they reflect on Cybersecurity Month.

Read now >

BetaNews

Secure software depends on clean code — AI-generated or not

Sonar Head of Developer Relations and Community, Peter McKee, writes about the need for Clean Code in order to create secure software and decrease bad code.

Read now >

The New Stack

How to Get Advantages of TypeScript in JavaScript

Sonar Developer Advocate, Phil Nash, details tips and tricks for how to take advantage of TypeScript in JavaScript.

Read now >

SecurityWeekly Podcast

VSCode Vulnerabilities – Thomas Chauchefoin, Paul Gerste – PSW #804

Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste discuss research conducted on the security of Visual Studio Code — the most popular code editor out there.

Listen now >

SiliconANGLE

Enterprise software developers prepare for generative AI's 'productivity revolution'

In this article, Olivier Gaudin - founder and co-CEO of Sonar - is quoted on his perspective that more experienced coders will see the bigger advantages from genAI.

Read now >

Dark Reading

North Korean State Actors Attack Critical Bug in TeamCity Server

Sonar vulnerability researcher, Stefan Schiller, is quoted on the JetBrains TeamCity vulnerability, discovered by the Sonar research team.

Read now >

The Hacker News

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

Sonar Vulnerability Research team discovers two critical security flaws in the open source CasaOS personal cloud software.

Read now >

The New Stack

What You Need to Know about Carbon, Python and Val

Sonar Developer Advocate, Phil Nash, details what developers need to consider about programming languages Carbon, Python, and Hylo.

Read now >

Forbes

Why Switzerland Thinks It Can Be Europe’s Tech Start-Up Capital

Sonar receives mention for being a Switzerland-based Unicorn in this Forbes article about the Europe tech start-up landscape.

Read now >

Solutions Review

37 Cybersecurity Awareness Month Quotes from Industry Experts in 2023

Olivier Gaudin, founder and co-CEO of Sonar, shares his perspective on Clean Code as it relates to Cybersecurity Awareness Month and the increase of genAI in code development.

Read now >

Enterprise Security Tech

Impact of AI on Cybersecurity: Pros and Cons Analyzed By Experts

In this article, Olivier Gaudin, co-CEO and founder of Sonar, shares why the world needs Clean Code and needs to adopt a Clean as You Code approach.

Read now >

The Last Watchdog

Black Hat Fireside Chat: Why using ‘Clean Code’ is paramount in speedy software development

Sonar's Olivier Gaudin, co-CEO and founder, and Head of R&D, Johannes Dahse, speak on The Last Watchdog podcast about the importance of Clean Code in speedy software development with quality.

Read now >

CIO Influence

October Cybersecurity Awareness Month: Top 50 IT and Security Professionals Share their Strategies

Olivier Gaudin, co-CEO and founder of Sonar, shares his perspective on Clean Code for Cybersecurity Awareness Month.

Read now >

TechRepublic

Top Security Tools for Developers in 2023

In this article, SonarQube is acknowledged as a great choice for developers needing an open source static application security testing tool to enhance security and code quality.

Read now >

VMblog

Cybersecurity Awareness Month 2023: Industry Experts Share Their Thoughts

In this article, Sonar founder and co-CEO - Olivier Gaudin - shares why organizations need to understand and adopt a Clean as You Code approach this Cybersecurity Awareness Month.

Read now >

The Hacker Mind

EP 81: HACKING VISUAL STUDIO CODE EXTENSIONS

In this podcast episode, Sonar researchers Thomas Chauchefoin and Paul Gerste discuss the state of the art of Visual Studio Code's security with Hacker Mind host Robert Vamosi.

Listen now >

Dev-Insider

Best Practices for Clean Code Without Technical Debt: Clean Coding, a Remedy for Developer Burnout?

In this article, Sonar's Peter McKee writes about how Clean Code methods reduce workload while ensuring security, compliance, and the highest code quality.

Read now >

CyberWire

Cybersecurity Awareness Month: advice for tech companies.

In this article, Sonar founder and co-CEO - Olivier Gaudin - makes "a call for Clean Code" as organizations rethink their security this Cybersecurity Awareness Month.

Read now >

TechRepublic

3 Best DevSecOps Tools in 2023

In this article, the SonarQube solution is highlighted as a top DevSecOps tool for its support for multiple programming languages to improve code quality and enhance security.

Read now >

BuiltIn ATX

Built In Austin’s 9 Featured Companies of the Month

In this article, Sonar is recognized for its accomplishments and success as an innovative company in Austin, Texas.

Read now >

HackRead

JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking

Sonar researcher Stefan Schiller is acknowledged for discovery of a critical-severity authentication bypass vulnerability in the TeamCity CI/CD server.

Read now >

SC Media

Server hijacking likely with exploitation of critical TeamCity vulnerability

In this article, a critical TeamCity vulnerability is detailed, as discovered by Sonar's vulnerability research team.

Read now >

Hacker News

Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

In this article, Sonar researchers share their discovery of a critical vulnerability in JetBrains TeamCity.

Read now >

SecurityWeek

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server, discovered by the Sonar Vulnerability Research team, could allow unauthenticated attackers to execute code and take over vulnerable servers.

Read now >

Decipher

TeamCity users urged to apply fix for Critical Flaw

Sonar researchers discovered a critical security vulnerability in TeamCity, a popular Continuous Integration and Continuous Deployment (CI/CD) server from JetBrains.

Read now >

L'Agefi

SonarSource, inflation, BNS: the three keywords of the week

Sonar's appointment of new co-CEO, Tariq Shaukat, is covered in L'Agefi's top three news moments from the week.

Read now >

DBTA

SonarCloud Debuts Open Source, Zero-Configuration, Automatic Analysis for C and C++ Projects

Sonar, the Clean Code solution provider, is announcing a new capability for its SonarCloud platform: Zero-configuration, automatic analysis for programming languages C and C++.

Read now >

VMblog

Sonar Delivers Zero-Configuration Analysis of C and C++ Projects

New zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud enables GitHub hosted projects to be analyzed in one click, and it works with all compilers.

Read now >

DEVOPSdigest

Sonar Announces Zero-Configuration Analysis of C and C++ Projects

Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud, enabling C and C++ projects hosted on GitHub to be analyzed by SonarCloud in one click.

Read now >

L'Agefi

With the ex-president of Bumble, SonarSource aims for a billion in turnover

The Geneva unicorn has recruited a co-CEO who combines commercial and software skills in order to accelerate its development. Tariq Shaukat was at the helm of the dating app when it debuted on the Nasdaq.

Read now >

Bloomberg Markets

Expect More Durable Companies to Come to Market: Shaukat

Co-CEO of Sonar, Tariq Shaukat, discusses the IPO tech landscape and the importance of growing profitability with durability.

Watch now >

Bloomberg Markets

Bloomberg Markets: The Close 09/12/2023

Recently appointed co-CEO of Sonar, Tariq Shaukat, joins Bloomberg Markets "The Close" to discuss his new role and the IPO tech market (at 25-minute mark).

Watch now >

Austin Business Journal

After helping Bumble IPO, Tariq Shaukat named co-CEO of $4B coding company

Tariq Shaukat joins Sonar as co-CEO to work alongside Founder and CEO, Olivier Gaudin, to take the company through its next phase of growth.

Read now >

insideHPC

Former Google Cloud President Tariq Shaukat Joins Sonar as Co-CEO

Sonar announced that Tariq Shaukat has joined the company as co-CEO and a member of the Board of Directors. The company said Shaukat will lead the company with founder and CEO Olivier Gaudin.

Read now >

TechStrong TV

Insecure Code: Software Makers May Be Held Liable with New Legislation

Peter McKee, Head of Developer Relations & Community at Sonar, speaks with TechStrong TV's Alan Shimel about the future of DevOps and the importance of Clean Code.

Listen now >

Forbes

What Large Models Cost You – There Is No Free AI Lunch

The cost of generative AI is hitting businesses. Building and training LLMs can be prohibitively expensive. Sonar's Olivier Gaudin says “LLMs get bigger, not smarter."

Read now >

SD Times

Insecure Code: Software Makers May Be Held Liable with New Legislation

Sonar CMO Manish Gupta covers the Biden National Cybersecurity Strategy, how it places more legal responsibility on software makers, and how Clean Code can help.

Read now >

GovInfoSecurity

Securing Applications, Accelerating DevOps With Clean Code

In this video interview, Sonar CEO & co-founder Olivier Gaudin discusses Clean Code strategies for addressing dirty code and legacy issues, and how to increase output and quality of DevOps teams.

Listen now >

SecurityGuyTV

Discovering Hidden Security Issues in Code with Sonar; Deeper SAST

In this interview, Sonar CEO & co-founder Olivier Gaudin and Sonar Head of R&D Johannes Dahse discuss the announcement of deeper SAST and what Clean Code is.

Listen now >

CRN

20 Hottest New Cybersecurity Tools At Black Hat 2023

In this article, vendors showcasing new products are highlighted. Sonar's deeper SAST is featured at number 12.

Read more >

Help Net Security

New infosec products of the week: August 4, 2023

In this article, Help Net Security takes a look at the most interesting products from the week of August 4th, including Sonar's deeper SAST.

Read more >

VMblog

Sonar's New, Powerful Deep-Analysis Capability Finds Hidden Code Level Security Issues

Sonar announced a significant advancement of its Clean Code offering - developers can now automatically discover and fix code security issues with deeper SAST.

Read more >

SD Times

Sonar new SAST tool includes support for thousands of open-source libraries

In this article, Sonar's announcement of deeper SAST is featured. The update to the Sonar platform makes it easier for developers to write Clean Code.

Read more >

Help Net Security

Sonar's new deep-analysis capability discovers and fixes code security issues

Sonar announced a significant advancement of its Clean Code offering – developers can now automatically discover and fix code security issues arising from interactions between user source code and third-party, open-source libraries.

Read more >

The New Stack

Bad Code Stalls Developer Velocity

Sonar's Head of Developer Relations, Peter McKee, covers how a Clean as You Code approach ensures quality code is developed quickly, without having to backtrack to remediate old errors.

Read more >

The New Stack

What is Clean Code?

Sonar VP of Product, Fabrice Bellingard, details how embracing Clean Code principles enables organizations to enhance the efficiency of their DevOps workflow.

Read more >

Security Week

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely, according to Sonar's vulnerability research team.

Read more >

Dark Reading

Meet the Finalists for the 2023 Pwnie Awards

Sonar vulnerability researchers Thomas Chauchefoin and Stefan Schiller receive Pwnie Awards nominations for research on vulnerabilities in Check_mk, and the security of the PHP supply chain and Composer.

Read more >

The Cyberwire

It pays to malvertise. MOVEit vulnerability remediation. Ransomware trends. FSB cyberespionage. Influence operators taken down.

The Cyberwire Daily Briefing newsletter highlights new original research from Sonar that spotlights the millions of dollars businesses lose when they fail to implement an optimal approach for software development.

Read more >

Dark Reading

Apache OpenMeetings Wide Open to Account Takeover, Code Execution

Sonar threat researcher Stefan Schiller shares insights on the three security vulnerabilities found in Apache OpenMeetings.

Read more >

The Hacker News

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

Sonar research team finds multiple security flaws in Apache OpenMeetings that could be potentially exploited to seize control of admin accounts and run malicious code on susceptible servers.

Read more >

RT Insights

In the Era of Modern Apps, Clean Code is Key to Customer Satisfaction

Sonar VP of Products, Fabrice Bellingard, shares how embracing Clean Code practices guarantees that developers can create modern apps that deliver.

Read more >

DZone

Why ORMs and Prepared Statements Can't (Always) Win

Sonar Vulnerability Researcher, Thomas Chauchefoin, writes about several SQL injection vulnerabilities discovered in Soko, a software deployed on the Gentoo Linux infrastructure.

Read more >

The Hacker News

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

Sonar research team uncovers multiple SQL injection vulnerabilities in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems.

Read more >

Security Affairs

Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

Sonar researchers identify two SQL injection vulnerabilities in Gentoo Soko that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems.

Read more >

DevOps Digest

Clean Code and Software Development: Maximizing Efficiency and Maintainability in Uncertain Times

Sonar's Head of R&D, Johannes Dahse, details two ways that Clean Code can help address current challenges developers face today.

Read more >

InformationWeek

DOS Won’t Hunt: Is AI Better Than Low Code/No Code for Developers?

Sonar CEO Olivier Gaudin brings up some points to consider as generative AI becomes part of the software development cycle.

Read more >

DEVOPSdigest

Cleaning as You Code Is the Only Way to Truly Shift Left

In this article, Sonar's Head of R&D explains that, to truly shift left, developers must be able to clean as they code.

Read more >

SecurityWeek

Pimcore Platform Flaws Exposed Users to Code Execution

In this article, Sonar's R&D team warns that newly patched vulnerabilities in the Pimcore platform bring code execution risks.

Read more >

DZone

How the Wrong Content Type Introduced a Vulnerability in Odoo

In this article, Sonar's R&D team provides an overview of content types and how a minor error resulted in a vulnerability in Odoo.

Read more >

BuiltIn ATX

Companies Fostering a Sense of Belonging During Onboarding

BuiltIn Austin asked SonarSource, LogicMonitor, Tecovas, Episode Six and Semrush how they make new hires feel welcome.

Read more >

Agile Noir

Clean as You Code with SonarQube

In part three of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about the importance of code quality and how SonarQube can help developers maintain clean code.

Read more >

DZone

Empowering Weak Primitives: File Truncation to Code Execution With Git

In this article, SonarSource's R&D team discusses how they discovered a code vulnerability that allows truncating arbitrary files in order to execute arbitrary commands.

Read more >

BuiltIn ATX

Hiring Now: Sonar Is Building a Team That’s Passionate About Clean Code

This Austin company is building out a team of tech professionals who are passionate about clean code.

Read more >

Agile Noir

SonarQube Helps Development Teams Clean their Code

In part two of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about how SonarQube helps developers clean their code.

Listen Now >

Agile Noir

Why 7 million developers have their code analyzed by SonarQube

In part one of this series for the Agile Noir podcast, Lance Kind speaks with Sonar VP of Products, Fabrice Bellingard about why developers have their code analyzed by SonarQube.

Listen Now >

DZone

Malicious Message Leading To E-Commerce Takeover

In this article, Sonar's research and development team presents the root cause analysis of two Cross-Site Scripting bugs.

Read More >

Devops

Avoiding Developer Burnout With Clean Code Best Practices

Employee burnout is common in the tech industry, especially for developers. In fact, 83% of software developers feel burnt out from their work and of those, nearly half of them feel...

Read More >

CyberNews

Southwest Airlines incidents prove companies need to deal with technical debt – now

Thousands of US organizations are running on outdated software. This kind of failure to address technical debt is a recipe for a disaster – and it’s already costing trillions. Clean as You Code to the rescue.

Read More >

Website Planet

Meet SonarSource: Top-Class Solutions For Code Quality Management

Check out this interview with Manish Gupta, CMO at SonarSource, a leading provider of clean code solutions. The interview covers the company’s story, the benefits of using clean code when building websites, and what’s in the future of coders with the recent developments in AI technology.

Read More >

Venture Beat

Source Code Must Become a C-level Priority

Organizations have long realized how important their software is to their business. But they’re now fully realizing just how critical their software’s source code is. Sonar's CEO, Olivier Gaudin, explains.

Read More >

Help Net Security

SonarQube 9.9 LTS Empowers Organizations to Boost the Quality of Their Code

Sonar has launched SonarQube 9.9 Long-Term Support (LTS) that empowers organizations to achieve the Clean Code state securely and at scale.

Read More >

VM Blog

Sonar Launches SonarQube 9.9 LTS to Help Organizations Achieve a State of Clean Code

Sonar has launched SonarQube 9.9 Long-Term Support (LTS). The new release empowers organizations to achieve the Clean Code state quickly, securely, and at scale.

Read More >

Journal of Cyber Policy

Sonar Launches SonarQube 9.9 LTS to Help Organizations Achieve a State of Clean Code

SonarQube 9.9 LTS offers accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.

Read More >

DevOps Digest

SonarSource Launches SonarQube 9.9 LTS

Sonar’s latest 9.9 LTS release introduces key capabilities to enable enterprises to build better software in a sustained manner - with accelerated pull request analysis, support for building and deploying secure cloud-native applications, sophisticated enterprise-grade capabilities, and many innovations related to the detection engine and contextual education.

Read More >

SD Times

SonarQube 9.9 LTS Helps Organizations Produce Clean Code

Sonar’s release of SonarQube 9.9 Long-Term Support (LTS) aims to help organizations clean their code quickly with accelerated pull request analysis, support for building and deploying secure cloud-native applications, and more.

Read More >

Spiceworks

Retain Your Development Talent with The Power of Clean Code

Employee burnout is very common in the technology industry, especially for developers. However, companies can avoid developer burnout with the power of clean code practices, explains Fabrice Bellingard, VP of products at SonarSource.

Read More >

Make Use Of

What Is SonarQube? 5 Key Features for Programmers

Many tools and platforms are available in the programming world, and here’s one you should add to your toolbox: SonarQube. The following key features of SonarQube will help you to overcome your coding difficulties and improve your programming skills.

Read More >

App Developer Magazine

Why Sonar is Growing So Much

Announcing record growth in developer and enterprise customer adoption in FY22, Sonar has added 5,000 paying customers in 11 months, supporting 21,000 enterprise customers including over 75% of Fortune 100 and nearly half of Fortune 500 companies.

Read More >

CPO Magazine

Protect Developer Tools Against Growing Vulnerability Threat

Over the past couple of years, developers have been increasingly targeted by attackers, with dozens of events occurring. These bad actors are targeting devs with the tools they depend on to build code.

Read More >

The Empathetic Marketer

[Podcast] Increasing Audience Reach Using Effective Marketing Strategies with Manish Gupta

Listen as Manish Gupta, Chief Marketing Officer at Sonar, talks about creating intent-based campaigns to get your message across to audiences that are increasingly sensitive to overused marketing ploys.

Listen Now >

Techstrong

[Video] Critical Vulnerabilities in the IT Monitoring Tool

Watch as Stefan Schiller, a vulnerability researcher at SonarSource, explains how SonarSource determined an attacker can escalate to the Checkmk automation user by exploiting an authenticated arbitrary file read in NagVis.

Read More >

Devopsdigest

2023 DevOps Predictions - Part 3

Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2023 - including source code as a key strategic asset.

Read More >

The New Stack

Interest Growing in Dart and Flutter for Mobile

Dart and Flutter are finally getting their day as more software engineers explore using Flutter for mobile app development.

Read More >

Enterprise Security Tech

Exec Threat Overview: CVE-2022-30129

Johannes Dahse, Head of R&D at Sonar, explains a Remote Code Execution vulnerability (CVE-2022-30129) that was discovered in one of the most popular IDEs: Visual Studio Code.

Read More >

Console.Dev

Interview with Olivier Gaudin

CEO of Sonar, Olivier Gaudin, speaks to console.dev about getting into software, the beginnings of Sonar, the company structure, development challenges, tools, clean code, and more!

Read More >

Computer Weekly

SonarSource: Google’s Carbon language is a successor, not a replacement, for C++

Phil Nash explains that, despite popular belief, Google’s open source Carbon programming language is not a strict replacement for C++. The important distinction is that it is intended to be used alongside C++.

Read More >

DZone

JavaOne 2022: Java Continues to Evolve

The Java development team looks at the evolution of hardware and software to innovate and maintain its relationships with the developer community, and insights from the 2022 JavaOne conference.

Read More >

BetaNews

[Q&A] How Clean Code Can Help Developers Prevent Vulnerabilities

Every year, thousands of code vulnerabilities are discovered, patched, and publicly disclosed to improve security for current and potential users. What can developers do to write better code that prevents vulnerabilities from entering their apps and services in the first place?

Read More >

Techstrong

[Video] C++ and the Carbon Programming Language

Watch as Phil Nash, one of the original authors of the C++ test framework and a software engineer for SonarSource, explains how the Carbon programming language created by Google intertwines with C++.

Read More >

CRN

Sonar expands the Clean Code movement to Asia Pacific

The leading platform for Clean Code will grow its user community and customer base across the entire region including ASEAN, ANZ, South Korea, China, and India.

Read More >

Dev Insider

[German] 10 Unknown Security Vulnerabilities in Python

Many developers use Python and trust that it offers a solid level of security.

Read More >

Bleeping Computer

Zimbra Bug Allows Stealing Email Logins with No User Interaction

Technical details have emerged on a high-severity vulnerability affecting certain versions of the Zimbra email solution that hackers could exploit to steal logins without authentication or user interaction.

Read More >

TechZone360

5 Development Tools Every Tech Engineer Should Have Access To

As a tech engineer, it is vital to have access to the right tools so you can create innovative products that make our lives easier. This blog post will discuss five development tools that every tech engineer should access!

Read More >

Techcrunch

Sonar raises $412M to scan codebases for bugs and vulnerabilities

Sonar, whose technology detects reliability and vulnerability issues in code, announced a funding round leading to a $4.7 billion valuation.

Read More >

Reuters

Coding platform Sonar valued at $4.7 bln after latest funding

Sonar intends to use the funds to double its salesforce this year and expand the company's marketing team across its international offices...

Read More >

MA RTS

[French] Geneva start-up Sonar raises 412 million and becomes a "quadruple unicorn"

The Geneva-based IT company Sonar has announced a capitalization of 4.7 billion dollars, with the arrival of new American investors.

Read More >

Austin American-Statesman

Software company has big plans for Austin, aims to double employee count

Sonar, which operates its U.S. headquarters in Austin, says it is gearing up for growth in Austin after landing a significant infusion of capital...

Read More >

SecurityWeek

CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool

The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution.

Read More >

The Record

Unpatched bug allows takeover of Horde webmail accounts, servers

Discovered by Sonar vulnerability researcher Simon Scannell, the vulnerability has existed in the Horde webmail app since late 2012...

Read More >