This resource is no longer available
Static code analysis is the automated inspection of whole-program source code without executing that program. Over time, a number of interpretations and even misconceptions about this technology and how it impacts software developers have emerged, including:
- Static analysis tools are glorified compilers
- Static analysis is for junior developers
- Static analysis is noisy and generates too many false positives
This paper addresses common myths surrounding static code analysis and explains what the technology can do for developers and the software development lifecycle.