As recent high-profile attacks have shown, bad actors are increasingly going after software supply chains to exploit vulnerabilities in commercial and open source code. Developer tool specialist Sonatype is launching a new deep code analysis platform called Lift that installs easily on any source repository and provides developer-friendly feedback on a wide range of bug types. Lift helps build collaboration between security and development teams, providing a unified code analysis pipeline that brings over 26 tools across 11 languages to catch a wide range of bug types. Because Lift’s results are reported in code review, developers and security engineers can…