This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact email@example.com if you have any questions about the US-CERT website archive.
Source Code Analysis
Outlines what automated security analyzers can do, provides a business case for their use, and provides some criteria for evaluating individual tools. Code samples are provided to run tools against to verify that the tools are able to detect known problems in the code.