Sonar Logo
Start for FreeExplore Pricing

Sonar Blog

Home

Blog

Sonar's latest blog posts

Featured Post

What Code Issues Caused the CrowdStrike Outage?

This blog post takes a look at the potential code issues behind the recent global CrowdStrike outage.

Read More
https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/7b69d1cd-74f7-4610-a793-6bd3e35737fa/crowdstrike_blog_featured_2x.webp
Patches, Collisions, and Root Shells: A Pwn2Own Adventure
Blog post

Patches, Collisions, and Root Shells: A Pwn2Own Adventure

We dive into the technical details of the vulnerabilities we identified as part of last year's Pwn2Own competition.

Read article >

https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/a6d86837-3fbd-4ec4-a314-9adf7f159ab5/sc-and-c_blog-index.webp
Blog post

No, C++ static analysis does not have to be painful

No C and C++ static analysis does not need to mean difficult configuration and pain. We explain how Sonar has made the impossible possible with one-click analysis for projects hosted in GitHub. A free automatic analysis of C and C++ projects.

Read blog post >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/fc26b25b-e31a-43b4-9f7c-4b7a56e79939/we_are_developers_berlin2023_event.webp
Blog post

WeAreDevelopers 2023 - what did you miss?

The Sonar team of developers are just returning from their trip to Berlin where they attended WeAreDevelopers 2023. If you were not able to make it, here is what you missed.

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/df1e3ffd-80e3-46fb-b56d-df45e4f22867/multiple-code-variants_blog-index.webp
Blog post

Working with Multiple Code Variants in C++

Multiple variants of C++ code-bases at build time are a necessary evil on most projects - even if that's just debug and release. This has always made analysis more complex. But now, with first class support in SonarQube, multiple code variants are easier to analyze and understand.

Read article >

Image for the blog A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State
Blog post

A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State

Unexpected application states are often overlooked and can introduce severe security vulnerabilities. Read more about this real-world example.

Read article >

Cover image of research document
Blog post

New Research from Sonar on Cost of Technical Debt

New original research from Sonar puts a spotlight on the millions of dollars that businesses lose when they fail to implement an optimal approach for software development.

Read Blog post >

Phil Nash and Ben Dechrai being interviewed about how they started their careers as developers blog image.
Blog post

How I started my career as a developer

Interviews with Sonar’s Developer Advocates on their careers and what Clean Code means to them.

Read article >

https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/0652149c-5206-45d2-8c8f-0cad23114216/sq-9-9-is-for-php-devs_blog-index.webp
Blog post

Why SonarQube 9.9 LTS is a must-have for PHP Developers

PHP analysis gets faster and better with new rules, fixed false-positives, and much more in SonarQube 9.9 LTS.

Read article >

https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/3eae80de-84b6-45c8-bf8e-30a8332a7a61/troopers-reflections_blog-index.webp
Blog post

TROOPERS 2023 Conference Takeaways

Read about our key takeaways from the TROOPERS 2023 including our favorite talks and overall experience during the two days conference.

Read article >

https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/ef04fb57-2a75-452e-8a29-0dc699e6407d/typhooncon-reflections_blog-index.webp
Blog post

TyphoonCon 2023 Wrap Up

Last week, our Vulnerability Researchers traveled to TyphoonCon 2023 in Seoul to present their talk "Patches, collisions and root shells: a Pwn2Own Adventure".

Read article >

https://assets-eu-01.kc-usercontent.com:443/02cb980b-5a8a-016f-80ee-dce623e76463/c51b3247-f51d-456c-a029-bcdc060acd33/why-orms-and-prepared-statements-cant-win_blog-index.webp
Blog post

Why ORMs and Prepared Statements Can't (Always) Win

We always assume prepared statements and ORMs are enough to protect us from SQL injection, but be careful not to misuse their APIs! Let's look into a real-world case and see what we can learn from it.

Read article >