Sonatype Lift uses deep code analysis to suggest bug fixes

Sonatype has launched a new deep code analysis platform called Lift which can detect a wide range of bug types.

Lift detects bugs ranging from style issues to complex coding errors commonly found in first-party source code and third-party open source libraries.

Research from Veracode last year found that open-source libraries cause security flaws in around 70 percent of apps. However, open-source libraries are often critical to projects.

Using a deep code...

Trend Micro partners with Snyk to fight open-source bugs

Cybersecurity leader Trend Micro is partnering up with application security platform Snyk to fight open-source bugs.

Research from Veracode last year found that open-source libraries cause security flaws in 70 percent of apps. Snyk itself has observed a 2.5x growth in open-source vulnerabilities over the past three years.

However, open-source is vital to the advancement of the software development industry. Snyk estimates that around 80 percent of application today is...