Choosing the Right Static Code Analyzers Based on Hard Data

Explore a comprehensive analysis of static code analyzers in this 34-minute LASCON conference talk. Delve into research funded by the U.S. Department of Homeland Security aimed at developing unbiased methods for assessing and comparing static analyzer products. Learn about a new, freely-available website presenting the research findings and plans to track detectable weakness types. Discover key properties to consider when integrating analyzers into development pipelines, including coverage, results quality, and benchmarking using real code. Gain insights into the challenges and future plans for improving static code analysis, and contribute your feedback on important information and capabilities in this field.