We’ve published a new post:
At SonarSource, we believe that developer-led Code Security will inevitably come to dominate the SAST market just like developer-led Code Quality did a decade ago. Finding Vulnerabilities immediately after they’re introduced instead of weeks later just makes more sense. But what does that mean for the risk and compliance teams that lead those efforts today? Those jobs don’t go away. Actually, they get more interesting and possibly even more important.
Read the rest in the blog.
As a side-note, this is the final piece of a 4-part series on SonarSource’s approach to the SAST market:
1: Taking the angst out of SAST analysis
2. Blazing a trail on the SAST road less traveled by
3. Security Hotspots maintain engagement in developer-led security
4. Security auditors - the Cinderella story of SAST