Skip to main content

How can we do the Security Analysis using SonarQube?

By

For Security Analysy purposes, a source code security analyzer
- examines source code to
- detect and report weaknesses that can lead to security vulnerabilities.
They are one of the last lines of defense to eliminate software vulnerabilities during development or after deployment. A Source Code Security Analysis Tool Functional Specification is available.
 
The SonarQube Quality Model has three different types of rules: Reliability (bug), Vulnerability (security), and Maintainability (code smell) rules. But divided another way, there are only two types: security rules, and all the rest. Read more click here

Reference:- This article was originally posted on scmGalaxy.com

Virus-free. www.avast.com

Comments

  1. Natural gas29 November 2017 at 21:05

    Source code security analysis is very important part of development. Thanks for sharing its importance and tool details.

    ReplyDelete

Post a Comment

Popular posts from this blog

Teamcity and Github Training by DevOpsSchool

By
Teamcity is a configuration management tool (in JAVA) build and tests the project which is configured through server and can be set up to build and run on different platforms and operating systems. Teamcity Agenda - https://bit.ly/2Pd2Mzz To learn GitHub you should understand GIT first. When software or an app get developed, a constant change has been made to the code, releasing new version up to and after its official release. Github Agenda - https://bit.ly/2LJXe2X Teamcity and Github Training by DevOpsSchool (Must have skills to stay relevant in the Industry - ENROLL NOW!) For further discussion, you can reach us on call/WhatsApp: +91 700 483 5930 | +91 700 483 5706 | Email: Contact@DevopsSchool.com #DevOps #Teamcity #Github #Training #Certification #Course #Online #DevOpsSchool
Post a Comment
Read more

DevOps and Certified Kubernetes Administrator (CKA) Training

By
DevOps and Certified Kubernetes Administrator (CKA) Training DevOps integrates developers and operation teams in order to improve collaboration and productivity by automation infrastructure, automation workflows and continuously application performance. DevOps helps You deliver the best user experience possible and benefits your company by increasing the frequency of deployments of your software and services. DevOps Training Agenda - http://bit.ly/2NyZBq8 Kubernetes was originally created by Google. Now its driven by Cloud Native Compute Foundation (CNCF), It's an open body, which provides and conduct exams to get the official certification for "Kubernetes Certified Administrator". The purpose of the Certified Kubernetes Administrator (CKA) program is to provide assurance that CKAs have the skills, knowledge, and competency to perform the responsibilities of Kubernetes administrators. CKA  Training Agenda   - http://bit.ly/319gutJ DevOps and Certified Kubernetes Admin...
Post a Comment
Read more

DevOps Online Training by DevOpsSchool.com

By
DevOps Online Training- Instructor-led, live & Interactive By DevOpsSchool.com In this training program, We are going to cover these Top 16  Tools in our DevOps Course and 4 Assignments & 1 Real-Time Scenario Based Projects . The Training Duration is:- 53 Hrs, Which will be completely Instructor-Led, Live & Interactive Online We have available 2 Timing:- Weekends - Sat & Sun) 8:30AM To 11:30AM IST Weekdays - Tue & Thu) 8:30PM To 11:30PM IST Course Fee:- INR 17,999/- Lifetime Membership Instructor-led, Live Session Access for 3 months Lifetime access to all learning materials (Class recordings, Notes, Quizzes. etc..) Lifetime Technical Support Bittu Kumar   |   Course Advisor    M: +91 799 223 7558 bittu@devopsschool.com Skype - bittu.cotocus
Post a Comment
Read more