This short blog post gives my perspective on how to get started technically with white-box security testing when you use SonarQube.
What do you think about the OWASP web application security top ten as a developer?
I like the OWASP Top Ten for "developers" charts. From my point of view, it gives awesome advice on where to start, or helps you to take care and remember what you may already know about web security implementation. To me, it feels a bit like "rubbing salt into the wound" of a developer's soul, doesn't it?