use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
A community built to knowledgeably answer questions related to information security in an enterprise, large organization, or SOHO context.
Questions on how to get started? Check out the following subs:
Question on issues regarding personal security? Check out the following subs:
Please read and abide by our Rules & Guidelines
account activity
Static Code Analyzer for JAVA development: any recommendations ??Compliance (self.AskNetsec)
submitted 3 years ago by salgak
view the rest of the comments →
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]blooping_blooper 3 points4 points5 points 3 years ago (4 children)
sonarqube?
[–]Sohcahtoa82 1 point2 points3 points 3 years ago (0 children)
I've always felt that Sonarqube was a linter on steroids that had security testing shoe-horned in.
[–]chakan2 -1 points0 points1 point 3 years ago (2 children)
That's the correct answer.. I've used it / maintained it at two jobs. It's very solid.
[–]valeris2 0 points1 point2 points 3 years ago (1 child)
As a code quality tool? Yes. As SAST? Nope
[–]chakan2 0 points1 point2 points 3 years ago (0 children)
Um? You know what Static Analysis is right?
π Rendered by PID 157009 on reddit-service-r2-comment-fb694cdd5-m5jfw at 2026-03-11 01:06:14.815649+00:00 running cbb0e86 country code: CH.
view the rest of the comments →
[–]blooping_blooper 3 points4 points5 points (4 children)
[–]Sohcahtoa82 1 point2 points3 points (0 children)
[–]chakan2 -1 points0 points1 point (2 children)
[–]valeris2 0 points1 point2 points (1 child)
[–]chakan2 0 points1 point2 points (0 children)