I am looking for pros and cons for Checkmarx vs SonarQube, in particular regarding
tuning SonarQube to reduce false positives without introducing false negatives.
I am also wondering if SonarQube could allow developers to delint their code before submitting it to SAST with…
I am researching application security software for my organization. We provide systems to the airline industry.
Which products provide both vulnerability scanning and quality checks?
Which one(s) do you recommend and why?
TundeOgunkoya: Whilst it may appear as though the real solution to a question like yours is to…
Wanda Thomas: It depends if the application is a web app. Does it have a database? Are the…
davidstrom: Burp Suite from PortSwigger (pen testing and vuln scans) and WebGoat from OWASP…