Source Code Analysis Tool

Why Trust Techopedia

What Does Source Code Analysis Tool Mean?

A source code analysis tool analyzes source code or compiled code. Typically, these kinds of resources look for security flaws or issues within code. Various providers offer source code analysis tools for software markets.


Techopedia Explains Source Code Analysis Tool

Source code analysis, which is also known as static code analysis, may be done as part of a code review in different testing phases. Vendor tools provide different techniques and presentations that can help developers or others identify problems with source code.

For example, a source code analysis tool may feature a visual environment where developers can look more closely at code to try to spot vulnerability. Developers may load all of the project code into a single application where advanced formats will reveal whether elements of code are likely to lead to security issues.

Source code analysis tools typically support the popular types of programming languages involved in coding for software applications, including C, C++ and Java. Vendors build source code analysis tools to comply with industry standards such as CWE and CERT, and use principles such as "taint analysis" where the viewer may be prompted to follow code through processes to see if it has been compromised or contaminated at any point. All of this helps developers to ensure better security for their final results and shield themselves and their firms from liabilities around software exploits or other problems later on.


Related Terms

Margaret Rouse

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…