Open AccessStatic analysis of software source code based on the Fortify Static Code Analyzer solution
Author(s) -
N. V. Goryuk,
AUTHOR_ID,
I. M. Lavrovsky
Publication year - 2021
Publication title -
sučasnij zahist ìnformacìï
Language(s) - English
Resource type - Journals
ISSN - 2409-7292
DOI - 10.31673/2409-7292.2021.020910
Subject(s) - static program analysis , source code , computer science , static analysis , kpi driven code analysis , spectrum analyzer , context (archaeology) , code (set theory) , software , programming language , software development , telecommunications , paleontology , set (abstract data type) , biology
The article analyzes the problem of identifying source code vulnerabilities in the context of software development. An analysis of existing technologies for detecting vulnerabilities in the source code. Methods and means of protection of detection of source code vulnerabilities on the basis of the Fortify Static Code Analyzer solution are investigated. The purpose, main functions and architecture of the Fortify Static Code Analyzer solution are defined. Based on the research conducted in the work, a variant of the process of static analysis of the security of the source code in the context of the software life cycle was developed. Recommendations for the use of static source security analysis technology have been developed.