Static code analysis testing - would love to hear if used by customers ,what tools are being used ,pros cons and challenges (time , complexity).
Great topic. This has become a very crowded space, and it’s getting more complex by the day. SonarCube and Klocwork are pretty popular (depending on your use case) but check out the long list of SCA tools at OWASP: Source Code Analysis Tools | OWASP
great source Jim i will review it .
Also, check this out on static code analysis tools: Top 9 C++ Static Code Analysis Tools | Incredibuild
Thanks a a lot i will check it