17 dicembre 2020 08:53
Fonte: Adnkronos
#ict
GENEVA, Dec. 17, 2020 /PRNewswire/ -- In 2020 SonarSource became a leader in Code Quality and Code Security solutions, upgrading its tools to bring unmatched SAST (Static Application Security Testing) precision and performance to developers. Now there's a tool that enables developers to own Code Security!
What that means for developers is code security analysis in the SonarSource tools they are already familiar with: SonarQube and SonarCloud. And SonarSource has taken pains to apply the same "no false positives" rule to security analysis that it uses for its code quality analysis.
SonarSource's has been adding SAST analysis to its tools for several years, but its efforts were boosted by the May 2020acquisition of RIPS-TECH, which specialized in highly precise SAST analysis of PHP. Since the acquisition, the combined team has re-engineered SonarSource's detection of injection vulnerabilities from the ground up to incorporate the best from both companies. The result: today developers have access to unparalleled precision in security analysis of Java, C#, PHP, Python, and JavaScript code in SonarQube and SonarCloud, with more languages to come.