SonarSource Blog
  • Code Quality
  • Code Security
  • Integration
  • Company
  • Products

    In-IDE

    Code Quality and Code Security in your IDE with SonarLint

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarLint

    In-Cloud

    Code Quality and Code Security in the cloud with SonarCloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarCloud

    On-premise

    Code Quality and Code Security on-premise with SonarQube

    Fast, accurate Code Quality and Code Security analysis for most languages

    Discover SonarQube

Articles about Security

  1. Top 3 takeaways from BlackHat USA 2022



    Take a look at our top takeaways from BlackHat USA 2022 at Las Vegas in August.

    By kirti joshi | August 19, 2022
  2. Remote Code Execution via Prototype Pollution in Blitz.js

    Remote Code Execution via Prototype Pollution in Blitz.js



    We recently discovered a Prototype Pollution vulnerability in Blitz.js leading to Remote Code Execution. Learn about this bug class and how to avoid it in your code!

    By paul gerste | July 12, 2022

  3. Clean Your Infrastructure Code with Sonar



    The norm for setting up your cloud-native app infrastructure is quickly becoming Infrastructure as Code (IaC). In this blog, we’ll cover how Sonar is the solution for safeguarding your IaC invoked infrastructure.

    By clint cameron | March 22, 2022
  4. Squirrel Sandbox Escape allows Code Execution in Games and Cloud Services

    Squirrel Sandbox Escape allows Code Execution in Games and Cloud Services



    We discovered and reported a vulnerability in the Squirrel VM, written in C, that allows an attacker to escape the sandbox.

    By simon scannell-and-niklas-breitfeld | October 19, 2021

  5. Supercharge your C++ analysis with SonarLint for CLion



    This article talks about the powerful capabilities of the C++ analyzer with SonarLint and highlights some unique and interesting quality and security rules you might find useful. Through that lens, we demonstrate how you can leverage these rules to elevate your CLion built-in static analysis capabilities for your C++ projects.

    By phil nash-and-geoffray-adde | September 28, 2021
Sign up today never miss an update from Sonar
Sign up today & never miss an update from Sonar

We have received your subscription request. Please click on the confirmation link that was sent to your email. If you don’t see an email, check your spam/junk folder. Thank you!

We respect your privacy.

In-IDE

Code Quality and Code Security in your IDE with SonarLint

IDE extension that lets you fix coding issues before they exist!

Discover SonarLint

In-Cloud

Code Quality and Code Security in the cloud with SonarCloud

Setup is effortless and analysis is automatic for most languages

Discover SonarCloud

On-premise

Code Quality and Code Security on-premise with SonarQube

Fast, accurate Code Quality and Code Security analysis for most languages

Discover SonarQube

Sonar blog delivered directly to your inbox!

We respect your privacy.

We have received your subscription request. Please click on the confirmation link that was sent to your email. If you don’t see an email, check your spam/junk folder. Thank you!

  • SonarSource
© 2008-2022, SonarSource S.A., Switzerland. All content is copyright protected. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, and SONARCLOUD are trademarks of SonarSource SA.
All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.
Privacy PolicyTerms and Conditions