Commit
Create 301-knowledge_base--static_code_analysis--.md
skf/markdown/knowledge_base/301-knowledge_base--static_code_analysis--.md
@@ -0,0 +1,14 @@ | ||
Description: | ||
Static program analysis is the analysis of computer software that is performed without actually | ||
executing programs, in contrast with dynamic analysis, which is analysis performed on programs | ||
while they are executing.[1] In most cases the analysis is performed on some version of the source code, | ||
and in the other cases, some form of the object code. | ||
|
||
The term is usually applied to the analysis performed by an automated tool, with human analysis being | ||
called program understanding, program comprehension, or code review. Software inspections and software | ||
walkthroughs are also used in the latter case. | ||
|
||
Solution: | ||
There are a lot of different static code analysis tools on the market, it is important to determine | ||
what tools are able to scan your code base. After having selectecd the right SAST tool we can start writing | ||
custom rules that help identify security risks such as time functions, unsafe file operations and network connections. |
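Review bot: the Solution paragraph has a typo ("selectecd" should be "selected") and its first sentence is a run-on; suggest "There are many static code analysis tools on the market, so it is important to determine which tools are able to scan your code base." Also, the Description cites "[1]" but the hunk adds no reference entry, so either add the source being quoted at the end of the entry or drop the marker. Finally, "time functions" in the last sentence is unclear as a risk category; consider naming the concrete classes of findings the custom rules are meant to flag (for example unsafe file operations and outbound network connections, which the sentence already lists) and noting that SAST results still need triage for false positives before they are acted on.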