KubeArmor VS SonarQube

Falco is a cloud native Kubernetes threat detection tool. It can detect unexpected behavior, intrusions, and data theft in real time. In the backend, it uses Linux eBPF technology to trace your system and applications at runtime. For example, it can detect if someone tries to read a secret file inside a container, access a pod as a root user, etc, and trigger a webhook or send logs to the monitoring system. There are similar tools like Tetragon, KubeArmor, and Tracee which also provide Kubernetes runtime security.

We're building a KubeArmor - a container-aware runtime security enforcement system n using LSMs - between India, Korea and the US

https://github.com/accuknox/kubearmor

2. SonarQube: https://github.com/SonarSource/sonarqube SonarQube enhances code quality and security. It performs automatic reviews to detect bugs, vulnerabilities, and code smells in your code.

SonarQube (Scroll down to the Sonarqube section to see instructions on how to set up and configure SonarQube manually)

SonarQube https://www.sonarqube.org/

There are commercial tools that can be integrated into a CI pipeline and/or a developer's IDE. I've used SonarQube before, but there are others.

having a code review and analysis tool in CI/CD pipeline can help developers to keep their code clean. some examples of these tools are sonarqube and embold.

But back in 2012, tech debt-related tools were in their infancy. JetBrains released IntelliJ IDEA in 2000, and SonarQube was initially released in 2006. Stepsize started in 2015, and Visual studio intellicode wasn't made by Microsoft until 2018.

Sonarqube Source Code Repository