
Cybersecurity Awareness Month - Expert Commentary from Industry Leader

October 2021 by Johannes Dahse, Head of R&D at SonarSource

Johannes Dahse, Head of R&D at SonarSource, comments on Cybersecurity Awareness Month.

Code security is an essential component of an organization’s overall cybersecurity posture. If not properly addressed on a timely and ongoing basis, coding mistakes can turn into serious vulnerabilities that allow malicious actors entry points to applications, databases and other critical systems, granting them access to sensitive data and more.

For example, the SonarSource Research team has recently spotted serious vulnerabilities in several popular open source programs, including Zimbra, a webmail solution; online text editor Etherpad; and elFinder, a file manager. Similar ones can hide in any open source or proprietary codebase.

For this reason, organizations must put the days of keeping development and security teams separate behind them. Developers are in the best position to ensure the security of their code, and leveraging modern static application security testing (SAST) tools is a fast and easy way for developers to receive feedback and guidance for fixing critical vulnerabilities right in the IDE, as they write their code.

It’s time to include code security in the larger cybersecurity conversation, and recognize the critical role it plays in keeping our organizations and sensitive data safe, as well as the opportunity it represents for developers to grow and make a positive impact on application security.
