Featured resource
pluralsight tech forecast
2025 Tech Forecast

Which technologies will dominate in 2025? And what skills do you need to keep up?

Check it out
Hamburger Icon
  • Course
    • Libraries: If you want this course, consider one of these libraries.
    • Security

Application Analysis with SonarQube

This is the next step of your journey as a security professional. In this course, you'll learn how to hunt for vulnerabilities and hotspots based on MITRE's ATT&CK framework using SonarQube.

George Smith - Pluralsight course - Application Analysis with SonarQube
by George Smith

What you'll learn

SonarQube can detect bugs, code smells, vulnerabilities, and hot spots in over 25 programming languages. In this course, Application Analysis with SonarQube, you'll cover how to leverage SonarQube to discover vulnerabilities and hotspots in source code. First, you'll learn how to install and configure SonarQube. Next, you'll run a static analysis against a sample software project. You'll be looking for potential security weaknesses in the software. Then, you’ll operate the tool and run a static security scan of target code base. Finally, you’ll analyze the problems flagged by SonarQube and examine the suggested remediation steps. When you’re finished with this course, you’ll have the skills and knowledge to detect and eliminate vulnerabilities and hotspots in publicly facing applications with these techniques: code-base static security scanning and analysis using SonarQube.

Table of contents

About the author

George Smith - Pluralsight course - Application Analysis with SonarQube
George Smith

George demonstrates a passion for cutting-edge system design, leveraging the latest in tech to help enterprises achieve their desired business results.

More Courses by George