GENEVA, Dec. 17, 2020
GENEVA, Dec. 17, 2020 /PRNewswire/ -- In 2020 SonarSource became a leader in Code Quality and Code Security solutions, upgrading its tools to bring unmatched SAST (Static Application Security Testing) precision and performance to developers. Now there's a tool that enables developers to own Code Security!
What that means for developers is code security analysis in the SonarSource tools they are already familiar with: SonarQube and SonarCloud. And SonarSource has taken pains to apply the same "no false positives" rule to security analysis that it uses for its code quality analysis.
The availability of highly precise SAST analysis in developer tooling represents a stark departure from the previous state of the art. Other SAST tools are built for a security auditor audience rather than developers. They raise a broad swath of issues with the expectation that security auditors will sort through the results to find any true positives.
By targeting developers, SonarSource has taken a different approach: tune the SAST rules to raise only true positives and accept that a few borderline issues may fall through the cracks. "Our approach to Code Security is a true change of paradigm, taking the opposite approach from traditional players who address CISOs, risk and compliance needs, and feel the pain to bridge to development in order to fix issues. With the precision that we offer, developers can be the direct recipient of vulnerabilities issues. And when you know the level of integration of our products with development pipelines and its level of adoption, it is not difficult to imagine the kind of impact it will have on the security market.", SonarSource CEO Olivier Gaudin said.
Learn more about SonarSource SAST tools:
SonarSource builds world-class products for Code Quality and Security. Its open-source and commercial code analyzers - SonarLint, SonarCloud, SonarQube - support 27 programming languages, empowering dev teams of all sizes to solve coding issues within their existing workflows. Trusted by more than 250,000 organizations globally, SonarSource products are a de-facto standard for teams and organizations to deliver better, safer software.
About RIPS Technologies