Sonar Expands Code Analysis Portfolio with Secrets Detection


Sonar has expanded its product line to include tools for analyzing code and DevOps workflows, including the ability to detect secrets.

This feature, which can be used to identify passwords, application programming interface (API) keys, encryption keys, tokens, database credentials, and other private information, is being added to SonarLint, SonarQube, and the managed SonarCloud service. It is intended to be used for both finding secrets in code repositories and when applications are developed using an integrated development environment (IDE).

The firm said in an announcement that the company has now extended its syntactic and semantic analysis engines, enabling the SonarLint static analysis tool to uncover secrets in microseconds.

Read More: Sonar Adds Secrets Detection to Code Analysis Portfolio

Check Out The New TalkDev Podcast. For more such updates follow us on Google News TalkDev News.