Abstract: Software security is a continuous and growing field within software development, maintenance, and operation. Vulnerabilities in software pose significant risk to its operation. Software tools have been developed over time to assist in the identification and rectification of software vulnerabilities through static analysis of source code. Static analysis tools give a software development team a means to rapidly review their project for vulnerabilities that exist but are unknown to the team. In this paper, we present a comparative assessment of three commonly used static analysis tools for software vulnerabilities, using open source software, to aid software developers in choosing a suitable tool for their needs.