Sonar announced a significant advancement of its Clean Code offering – developers can now automatically discover and fix code security issues arising from interactions between user source code and third-party, open-source libraries. Referred to as deeper SAST, the new advanced detection addresses issues that traditional SAST tools miss by not following the flow within library code. Traditional SAST vendors analyze user application code. These tools do not scan the combined code, and flag libraries in …

The post Sonar’s new deep-analysis capability discovers and fixes code security issues appeared first on Help Net Security.