Taint analysis is a technique used to identify every source of user data in a system and follow each piece of data all the way through to ensure it gets sanitized before being used. In large systems, this can be challenging as finding all sources of user data and intervening before use is hard. Taint analysis helps protect data by tracing user-tainted data from its source to sinks and raising alarms when data is used without sanitization. This technique is available in SonarCloud for free on open-source projects and in SonarQube commercial editions as part of a larger SAST offering, with plans to expand to include additional programming languages later in 2020.