Trends Report

Know Your Code: How Static Analysis Tools Make Applications More Secure

November 20th, 2009
Andrew Jaquith, Chenxi Wang
With contributors: Allison Viglianti, Robert Whiteley III

Summary

Many companies, besieged by audit findings and application vulnerabilities, recognize the benefits of eliminating security vulnerabilities early in the software life cycle. For this reason, static analysis technologies for analyzing code-level security issues are gaining momentum in the industry. As a security and risk management executive, you must: 1) carefully prepare your organization before buying static analysis tools; 2) apply six selection criteria to the buying decision; and 3) consider the current landscape of vendors as well as emerging open source tools that provide an inexpensive alternative.


This report is available for individual purchase ($1495).
