🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

The simple <script> XSS didn’t work? Don’t give up before trying some mXSS magic🪄. Get to know the fundamentals of this bug class on your way to becoming a master of sanitizer bypasses: sonarsource.com/blog/mxss-the-… #appsec #security #vulnerability #mXSS

𝗘𝗻𝗮𝗯𝗹𝗶𝗻𝗴 𝗛𝗶𝗴𝗵-𝗤𝘂𝗮𝗹𝗶𝘁𝘆 𝗖𝗼𝗱𝗲 𝗶𝗻 .𝗡𝗘𝗧 I just published a new newsletter where we deeply analyze how to enforce high-quality cod in .NET. We will discover: 🔹 𝗪𝗵𝗮𝘁 𝗶𝘀 𝗰𝗼𝗱𝗲 𝗾𝘂𝗮𝗹𝗶𝘁𝘆? 🔹 𝗪𝗵𝗮𝘁 𝗰𝗼𝗱𝗶𝗻𝗴 𝘀𝘁𝗮𝗻𝗱𝗮𝗿𝗱𝘀 𝗮𝗿𝗲

SonarQube 10.6 is LIVE! 🚀 ✅ SonarQube runs in a FIPS-enforced environment ✅ C and C++ autoconfiguration ✅ Set rule priority to uphold your coding standards ✅ Added Scikit-learn library support for Python AI/ML practitioners. 🧵👇

Sonar Team members between Geneva, Austin, Bochum, London, and Singapore joined in their respective home offices for Petit Raout 2024! Between go-kart racing, mini golf, and wood-cutting classes, the teams brainstormed initiatives to grow the company and build upon its culture

😳 We actually hit 10,000 followers!! 🎉 Thank you all for being a part of our vulnerability research journey and mission to turn code into #CleanCode. Over the years, we've uncovered some wild bugs. Let's take a look back at our personal highlights... 🧵👇

Join Peter McKee on August 28 for a Sonar Virtual Event to discover how implementing static code analysis in our CI/CD pipeline is crucial to optimizing code quality! Register here 👇 sonarsource.zoom.us/webinar/regist…

Announcing the addition of Cloud Application Security Assessment (CASA) reports in SonarCloud. Aligned with OWASP ASVS, CASA helps secure apps with sensitive data, boosting your security posture. Coming soon to SonarQube as well 🙂 #AppSec #Security #OWASP

Level Up Your Software Quality With Static Code Analysis | By Robert Curlee, thanks to Sonar thenewstack.io/level-up-your-… #CICD #SoftwareTesting #CyberSecurity

Critical Roundcube XSS technical details: Desanitization, unsafe Content-Types, CSS exfiltration, and a Service Worker come together to persistently leak emails from a victim's browser. Read about it here: sonarsource.com/blog/governmen… (CVE-2024-42008, CVE-2024-42009, CVE-2024-42010)

❇️ Introducing AI Code Assurance and AI CodeFix for SonarQube and SonarCloud AI Code Assurance supports the safe and effective use of GenAI coding assistants while AI CodeFix leverages AI to generate resolutions for bugs with one click! Read here 👇 bit.ly/3TX3026

❇️ New from Sonar: ⭐ AI Code Assurance: Confidently integrate AI-generated code into projects by enforcing deep code analysis + a strict quality gate ⭐ AI CodeFix: Quickly generate AI-powered fix recommendations for code issues detected by our static code analysis solutions

After flirting for a while with Android, I am excited to share that I accepted the new challenge of covering Mobile domain at Sonar 😉 This is just the beginning! Stay tuned 😉 This wouldn’t be possible without an amazing team behind, I am so lucky to work alongside 😍

📣 New from Sonar! Developers can now benefit from Dart support, ensuring that their Flutter apps are consistently built with clean and dependable code. Full details here 👇 bit.ly/4dOnl0r

🌐 ASP. NET Core Evolution: .NET 9 Highlights and Sonar's Enhanced Developer Support ✅ Registration: bit.ly/48f3yWN 🚀 Learn how Sonar's newest product updates are tailored to support .NET web developers, enhancing code quality, security, and development efficiency

🚀 Customer Story Spotlight: ZEISS Group Discover how ZEISS, a global leader in optical technology, enhanced application quality and security with SonarQube Server! Read the full customer story here! bit.ly/4ee6PY2

🤔 How can you instill confidence in your AI-generated code? Connect with us at #AWSreInvent to learn how our AI capabilities ensure code quality and security in the #GenAI era. We’ll be hosting SonarQube demos and games with fantastic prizes (Apple AirPods Pro 🎧)!

Welcoming new podcast sponsor: Sonar Trust your developers – verify your AI-generated code. Sonar analyzes all code regardless of who writes it—your internal team or genAI—resulting in more secure, reliable & maintainable software. Check it out: sonarsource.com/pragmatic