Static code analysis is the automated inspection of whole-program source code without executing that program. Over time, a number of interpretations and even misconceptions about this technology and how it impacts software developers have emerged, including:
Static analysis tools are glorified compilers
Static analysis is for junior developers
Static analysis is noisy and generates too many false positives
This paper addresses common myths surrounding static code analysis and explains what the technology can do for developers and the software development lifecycle.
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines