Bad code is risky business. AI-generated or written by humans, Sonar ensures top-tier code quality & security. Protect your organization from bugs and vulnerabilities that jeopardize customer trust, damage your reputation, and undermine developer experience. | www.sonarsource.com
Our Clean Code solution SonarCloud discovered multiple vulnerabilities leading to remote code execution on pfSense CE 2.7.0. Let's see how SonarCloud found them and how it can keep your code clean. | www.sonarsource.com
| pspaul's blog
The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail. | www.sonarsource.com
The absence of charset information seems to be a minor issue for a web application. This blog post explains why this is a false assumption and highlights the critical security implications. | www.sonarsource.com
Our Vulnerability Research team discovered a critical vulnerability in the popular CI/CD server TeamCity, which attackers could use to steal source code and poison build artifacts. | www.sonarsource.com
SonarQube Server automates code quality & security reviews and provides actionable code intelligence so developers can focus on building better, faster. | www.sonarsource.com