Sonar Blog

Home

BLOG

Sonar's latest blog posts

Featured Post

Building Confidence and Trust in AI-Generated Code

To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance

Read More
https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/0bd6c0bc-c921-485b-8570-8de7e1384983/AI%20Code%20Assurance_square-index%402x.png
https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/51cbb0a7-98e8-453b-bab1-b07c2e14f356/Develop%20Your%20Cloud%20Native%20Apps%20the%20Sustainable%20Way_Hero.jpg
Blog post

Develop Your Cloud Native Apps the Sustainable Way

Application development using cloud native technologies is a game changer for developers. With a robust, maintainable codebase, they are positioned to do their best work. Learn how Sonar has the clean code game plan to perfectly complement your cloud native initiatives.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/966f2a78-5fc4-4c0c-9e09-20b4d2d88528/Sonar%20Pwn2Own%20Toronto%202022_Hero%402x.png.jpg
Blog post

Sonar @ Pwn2Own Toronto 2022

Members of the Sonar Vulnerability Research team remotely participated in Pwn2Own Toronto 2022. This competition is quite special for us: we usually focus on code vulnerabilities in open-source web application projects.

Read Blog post >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Developer screen showing code with sonarcloud logo.
Blog post

How to enable your development team to deliver Clean Code?

Regardless of the company we work for, the project we contribute to, or our years of experience as individual developers or as a team, we inevitably make mistakes while coding. On average, a development team generates about 15 to 50 errors per 1,000 lines of delivered code.

Read Blog post >

Image of different elements of clean code going across the page in different ways symbolizing the enterprise.
Blog post

Scaling Clean Code Across the Enterprise

Code is at the core of your software and dictates its behavior and performance. Clean code makes it easier for your development teams to introduce changes and enhancements to software because it is free of issues.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/37cf43d2-9d57-4325-b54f-3ae361d5bfeb/What%20I%20learned%20from%20using%20SonarQube%20for%20the%20first%20time_Hero%402x.png
Blog post

What I learned from using SonarQube for the first time

In this blog, I will share the story of how I got introduced to SonarQube and made use of it as a team lead. I will explain how it helped us improve our code, and also assisted me in growing a team of junior developers with a Clean Code companion by their side.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/b8f6faa7-8804-46c3-a94f-282058577aea/Code%20Security%20Advent%20Calendar%202022_Hero.jpg
Blog post

Code Security Advent Calendar 2022

The year is slowly coming to an end and it’s time again to look back and reflect on the great fun and achievements of the year. This is where we would like to thank our community and share a little gift, as we do every December since 2016.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/6506452b-8144-4a65-ac18-a1343a358588/Lesser%20spotted%20React%20mistakes-Zombie%20methods_Hero.jpg
Blog post

Lesser spotted React mistakes: Zombie methods

This series is dedicated to the small, but common pitfalls and errors you can encounter when writing React code. Whether an experienced JavaScript | TypeScript developer or just starting out, the results can be surprising. Part 2.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/6152bf00-b2d0-4f3d-852c-6555194c1119/Doing%20More%20with%20Less%20in%20Uncertain%20Times_Hero%402x.png
Blog post

Doing More with Less in Uncertain Times

Even though efficiency of all work processes is a goal of any business striving for success, it is even more of a challenge given the current economic climate. This bar shifts higher every day.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/093b835c-5333-0132-0526-5bdca2623961/8d960daa-e1d0-4e94-b772-0b0a09889b66/Checkmk-Remote%20Code%20Execution_Hero%402x.png
Blog post

Checkmk: Remote Code Execution by Chaining Multiple Bugs (3/3)

This last article of the series determines how an attacker can chain two further vulnerabilities to fully take over a Checkmk server.

Read Blog post >

KubeCon and CloudNativeCon North America 2022
Blog post

A Look Back at KubeCon 2022

The Sonar Team had a great time sponsoring KubeCon 2022 in Detroit. Read about our takeaways from the event...

Read Blog post >

The second article of this series outlines how an attacker can leverage the ability to forge arbitrary LQL queries to gain access to the NagVis component.
Blog post

Checkmk: Remote Code Execution by Chaining Multiple Bugs (2/3)

The second article of this series outlines how an attacker can leverage the ability to forge arbitrary LQL queries to gain access to the NagVis component.

Read Blog post >