Blog

  • Sonarqube Analysis for Java Maven Project

    SonarQube (formerly Sonar) is an open-source platform developed by SonarSource for continuous inspection of code quality; it performs automatic reviews using static analysis of code to detect bugs. We will use the SonarQube Docker image to run SonarQube locally. Afterwards we will run the analysis on a local Maven Java project. `docker pull sonarqube:lts-community` You…

  • OWASP Top 10

    The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications. Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification, or destruction of all…

  • OWASP Vulnerability Checks With Maven

    The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP issues and maintains several recommendations regarding how to write secure code. One of the projects OWASP runs is OWASP Dependency-Check. Let's integrate OWASP Dependency-Check into your Java/Maven project. Here’s the configuration I’m using in…