Software development organizations are embracing static source code analysis as a highly effective way to find and fix bugs and security vulnerabilities during the earliest part of development. However, most organizations have little experience instituting static analysis successfully. In this paper we discuss 8 key steps to making static analysis an effective and successful part of your software development process. Based on experiences with hundreds of companies, we outline the most common pitfalls and how successful leaders have overcome them to get the most value from their investment.