Finding the right level of analysis has always been the challenge for source code analysis tools. With too little precision, a tool can flood the developer with false positives.

Wouldn’t it be cheaper to write secure code in the first place? One of the fastest growing areas in the software security industry is source code analysis tools, also known as static analysis tools.

Green Hills Software, Inc. has announced that Swell Software has adopted the Green Hills Software DoubleCheck™ source code analysis tool suite. Swell Software is using DoubleCheck to help ensure the ...

Built on the company's source-code analysis technology, the suite introduces three tools that let developers achieve greater iteration velocity while reducing the risk of bug debt. Insight Pro ...

Source code analysis (or static analysis) software helps keeps buggy code from seeing the light of day.

Static source code analysis tools can be an invaluable tool for software developers. Technology Editor Bill Wong talks with some of the major vendors in this space.

Source code analysis tools provide an automated method to detect a significant number of software bugs or security vulnerabilities right at the developer’s desktop – before any code is delivered ...

Klocwork Insight for C/C++ and Java brings static source code analysis to Java developers. It can help improve code quality while reducing bugs and addressing security vulnerabilities ...

When it needed a static code analysis tool for Python, OpenStack found no commercial products. Necessity being the mother of invention, OpenStack developed its own open source tool.

The open source dynamic runtime code analysis tool, which the startup claims is the first of its kind, is the brainchild of Elizabeth Lawler, who knows a thing or two about security.