being a user of PCLINT for some years now (private and professional), I was thinking whether some static analysis tool could help our company to spot issues like 32 vs. 64bit discrepancies and - more ...

A little while back, we were talking about utilizing compiler warnings as first step to make our C code less error-prone and increase its general stability and quality. We know now that the C compiler ...

One of the best ways to protect your software project from avoidable bugs is the use of Java static code analysis tools. These tools can help identify and fix problematic code before it reaches ...

Static source code analysis tools have evolved from simple syntax checkers to powerful tools for identifying flaws in the complex interactions of large code bases. Until recently, however, they were ...

In 2026 and beyond, organizations need to strengthen their shift-left strategy by embracing a new strategy: "shift smart." ...

Static analysis isn’t dead like some have suggested. Has static analysis lost some of it’s luster? Absolutely! Many of the studies would suggest that static analysis tools (commercial and open-source) ...

Matt Rose is the global director of application security strategy at Checkmarx, an organization that provides static code analysis tools that play a key role in the secure software testing phase of ...

The high cost of finding and patching application flaws is well known. Wouldn’t it be cheaper to write secure code in the first place? One of the fastest growing areas in the software security ...

In a previous blog, Jason Schmitt, the vice president and general manager of HP Fortify, promotes the static (Oops… status) quo by spreading some fear, uncertainty ...

Of course, the original quote is from the 1948 movie, The Treasure of Sierra Madre, and has been famously parodied over the years, memorably in the comedy classic Blazing Saddles. But we are not here ...