Tech Critter

Aikido vs SonarQube: Code Quality vs Full-Stack Application Security

Writing clean, bug-free code is a point of pride for any developer. For decades, tools that measure code quality have been a ...
The Hacker News

Why Data Security and Privacy Need to Start in Code

Proactive Sensitive Data Leak Detection. Embed privacy across all stages in development, from IDE environments, with ...
Dark Reading

Code-Scanning Tool's License at Heart of Security Breakup

A group of nine application security service providers announced they would "fork" the popular code-scanning project Semgrep, creating a new codebase, after a series of moves by the eponymous startup ...
Computerworld

Open-source code examined

In its “Scan Report on Open Source Software 2008,” Coverity Inc. analyzed more than 55 million lines of code on a recurring basis from more than 250 open-source projects. Detailed today, the project ...
Computerworld

How to choose and use source code analysis tools

The high cost of finding and patching application flaws is well known. Wouldn’t it be cheaper to write secure code in the first place? One of the fastest growing areas in the software security ...