
How can we do the Security Analysis using SonarQube?

For security analysis purposes, a source code security analyzer examines source code to detect and report weaknesses that can lead to security vulnerabilities.
Such analyzers are one of the last lines of defense to eliminate software vulnerabilities during development or after deployment. A Source Code Security Analysis Tool Functional Specification is available.
The SonarQube Quality Model has three different types of rules: Reliability (bug), Vulnerability (security), and Maintainability (code smell) rules. Divided another way, there are only two types: security rules, and all the rest.

Reference: This article was originally posted on scmGalaxy.com
