Static code analysis testing

Static code analysis testing - would love to hear if used by customers ,what tools are being used ,pros cons and challenges (time , complexity).

3 Likes

Great topic. This has become a very crowded space, and it’s getting more complex by the day. SonarCube and Klocwork are pretty popular (depending on your use case) but check out the long list of SCA tools at OWASP: Source Code Analysis Tools | OWASP

2 Likes

great source Jim i will review it .

1 Like

Also, check this out on static code analysis tools: Top 9 C++ Static Code Analysis Tools | Incredibuild

1 Like

Thanks a a lot i will check it

1 Like