Design-Reuse3y
Source Code Analysis in an Agile World
The approach recommended in this paper is the use of automated source code analysis (SCA) technology to locate and describe areas of weakness in software source code, such as security vulnerabilities, ...
SD Times5y
Microsoft releases source code analyzer Application Inspector
Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
The risks of AI-generated code are real — here’s how enterprises can manage the risk
AI generated code is set to dominate application development. Here's what enterprises can do now to lower the risk.
iaea.org3y
Open-source Nuclear Codes for Reactor Analysis (ONCORE)
The Open-source Nuclear Codes for Reactor Analysis (ONCORE) initiative is an IAEA-facilitated international collaboration framework for the development and application of open-source multi-physics ...
Opinion
Database Trends and Applications13dOpinion
Sonar Ushers in Support for Third-Party, Open Source Code Analysis and Security
Sonar, the leading provider of integrated code quality and code security solutions, is unveiling SonarQube Advanced Security, which extends SonarQube's analysis capabilities-which currently cover ...
Unite.AI6d
Open-Source Alternatives Amid Semgrep Licensing Controversy
The security community witnessed a seismic shift in January 2025, as rival companies united to launch Opengrep—a fork of static application security testing tool, Semgrep. Once celebrated for its ...
Sonar expands SonarQube with advanced security for third-party open-source code
The forthcoming launch of SonarQube Advanced Security integrates technology from Tidelift Inc., which Sonar acquired in December. In particular, the release integrates Tidelift’s proactive approach to ...