This blip is not on the current edition of the Radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the RadarUnderstand more
Published: Oct 28, 2020
Oct 2020

Sensei from Secure Code Warrior is a Java IDE plugin that makes it easy to create and distribute secure code quality guidelines. At Thoughtworks we often advocate for "tools over rules," that is, make it easy to do the right thing over applying checklist-like governance rules and procedures, and this tool fits this philosophy. Developers create recipes that can be easily shared with team members. These can be simple or complex and are implemented as queries targeting the Java AST. Examples include warnings for SQL injection, cryptographic weakness and many others. Another feature we like: Since it executes on code changes in the IDE, Sensei provides faster feedback than the more traditional static analysis tools.