Tech Critter

Aikido vs SonarQube: Code Quality vs Full-Stack Application Security

Writing clean, bug-free code is a point of pride for any developer. For decades, tools that measure code quality have been a ...
Dark Reading

Code-Scanning Tool's License at Heart of Security Breakup

A group of nine application security service providers announced they would "fork" the popular code-scanning project Semgrep, creating a new codebase, after a series of moves by the eponymous startup ...
Fox News

QR code scams rise as 73% of Americans scan without checking

Quishing is proving effective, too, with millions of people unknowingly opening malicious websites. In fact, 73% of Americans admit to scanning QR codes without checking if the source is legitimate.
Computerworld

Open-source code examined

In its “Scan Report on Open Source Software 2008,” Coverity Inc. analyzed more than 55 million lines of code on a recurring basis from more than 250 open-source projects. Detailed today, the project ...
Computerworld

How to choose and use source code analysis tools

The high cost of finding and patching application flaws is well known. Wouldn’t it be cheaper to write secure code in the first place? One of the fastest growing areas in the software security ...