Source Code Analysis Tools | OWASP Foundation
https://owasp.org/www-community/Source_Code_Analysis_Tools
Strengths
1. Scales well – can be run on lots of software, and can be run repeatedly (as with nightly builds or continuous integration).
2. Identifies certain well-known vulnerabilities, such as:
   2.1. Buffer overflows
   2.2. SQL injection flaws
3. Output helps developers, as SAST tools highlight the probl…

Weaknesses
1. Difficult to automate searches for many types of security vulnerabilities, including:
   1.1. Authentication problems
   1.2. Access control issues
   1.3. Insecure use of cryptography
2. Current SAST tools are limited. They can automatically identify only a relatively small percentage of appli…