Automated source code analysis is technology aimed at locating and describing areas of weakness in source code. Those weaknesses might be security vulnerabilities, logic errors, or one of many other types of problem-causing code. Eighty percent of the Fortune 500 have already deployed, or are currently engaged in deploying, some kind of automated source code analysis. There are myriad situation-specific reasons for doing so, but the basic principle behind it can be summed up in the statement “Tell me what’s wrong with my code before I ship it—don’t let me be the guy responsible for disseminating a killer vulnerability or bug.”

This white paper explains why developers should make source code analysis a standard part of their software development process and how it can improve software security and reliability.