Few lines about Static code analysis

Tools @Image courtesy of Thanamat/ FreeDigitalPhotos.net

Few lines about Static code analysis

Welcome to CodeSpread!

Static code analysis

We divide the term into two parts:

Static+code analysis.

Static in programming can be referred to as non-running/non-dynamic and code analysis is a process where the code is analyzed for any vulnerability, also it had been always used for possible improvements. So, we can say that, it is a process of detecting errors and defects in software’s source code in a static state where the entire code base is analyzed and code flaws are exposed.


  • This process covers whole code base and find vulnerabilities in the code at the exact location.
  • This process can locate anti-patterns.
  • This process can identify performance issues and also suggest improvements.


  • Automated tools may not support all programming languages or compilers.
  • Automated tools produce false positives and false negatives.
  • Manual review or Personal review is always considered to be more beneficial and reliable than a tool.

We have many Static code analysis tools available like StyleCop, FxCop etc. and using them can always take off the burden from reviewer’s shoulders considerably.

Author: sush

Share This Post On


  1. nice superb explaination

    Post a Reply
  2. thanks for the tutorial
    I am having a problem.
    The feature “Create SQL server database” isn’t available , I can’t select it.
    Can you help, please ?

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

More from CodeSpread:

  • Agile Encounters UnpredictabilityAgile Encounters UnpredictabilityWhat is Agile? Wikipedia says “Agile software development is a group of software development methods based on iterative and incremental development, where requirements and solutions evolve through...
  • POSTMan is required.POSTMan is required.Though it looks like a job posting but in developer’s world, it is a useful tool available as a chrome extension. When my friend referred it, I tried it and liked it so I recommend it every other d...
  • Unused Useful Tools in Visual StudioUnused Useful Tools in Visual StudioBack from a vacation is always a great and refreshing feeling. A small break always adds a new dimension to the thoughts. Lets see what we have today which we can call ‘new’ . We are good workin...
  • ASP.NET and Web Tools 2013.1 for Visual Studio 2012ASP.NET and Web Tools 2013.1 for Visual Studio 2012.NET Web Development and Tools group at Microsoft announces release of ASP.NET and Web Tools 2013.1 for Visual Studio 2012. Few of the features are: 1) Round tripping: With this update, developer...
  • User Interface DesignUser Interface DesignWhat is a User Interface? Webopedia says “Abbreviated UI, the junction between a user and a computer program. An interface is a set of commands or menus through which a user communicates with a pr...
  • Risk Management in IT: Another step for QualityRisk Management in IT: Another step for QualityWhat is Risk? Risk is an uncertainty. Here, this pertains to a situation where It is difficult to decide that whether a particular event will occur or not. But if it occurs then what impact it wil...
  • SDLC: Importance of Requirement Analysis.SDLC: Importance of Requirement Analysis.What is SDLC? SDLC is the acronym for Software Development Life Cycle or System Development Life Cycle.It is a conceptual model that describes the stages involved in development of a software or a...
  • 6-Thinking Hats is a powerful, practical and proven technique6-Thinking Hats is a powerful, practical and proven techniqueWikipedia: Six Thinking Hats is a book by Edward de Bono which describes a tool for group discussion and individual thinking involving six colored hats. 6-Thinking Hats is a powerful, practical ...