Application Security Terminology



Static Analysis

Static analysis (also known as static code analysis and source code analysis) uses tools to review program code, searching for application coding flaws, back doors, or other malicious code that could give hackers access to critical company data or customer information. In some cases, the analysis is performed on some version of the source code; in other cases, it is performed on some form of the object code. Whether it scans source or object code, static analysis evaluates the security and functioning of software while the program is not running, generally early in the development lifecycle. Static analysis is typically performed by an automated tool.
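The following is an added example, not part of the original glossary entry or any vendor's tool: a minimal source-level check that parses a constructed sample into a syntax tree and reports flaws without ever running it. The sample code, the rule names and the three checks are assumptions chosen for illustration.

```python
import ast
# Constructed sample: it is only parsed, never executed or imported
# (check() is deliberately undefined, so running it would fail).
SAMPLE = '''
import subprocess

def login(user, password):
    if password == "letmein-debug":
        return True
    return check(user, password)

def ping(host):
    subprocess.call("ping -c 1 " + host, shell=True)

def calc(expr):
    return eval(expr)
'''

class Scanner(ast.NodeVisitor):
    """Walks the syntax tree and records (line, rule) findings."""
    def __init__(self):
        self.findings = []

    def visit_Call(self, node):
        func = node.func
        name = func.id if isinstance(func, ast.Name) else getattr(func, "attr", "")
        if name in ("eval", "exec"):
            self.findings.append((node.lineno, "dynamic-code-execution"))
        for kw in node.keywords:
            if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                self.findings.append((node.lineno, "shell-command-injection"))
        self.generic_visit(node)

    def visit_Compare(self, node):
        # Secret-like variable compared to a string literal: hardcoded credential or back door.
        operands = [node.left] + node.comparators
        names = [o.id.lower() for o in operands if isinstance(o, ast.Name)]
        literals = [o for o in operands if isinstance(o, ast.Constant) and isinstance(o.value, str)]
        if literals and any(k in n for n in names for k in ("pass", "secret", "token")):
            self.findings.append((node.lineno, "hardcoded-credential"))
        self.generic_visit(node)

def scan(source):
    scanner = Scanner()
    scanner.visit(ast.parse(source))
    return sorted(scanner.findings)

if __name__ == "__main__":
    for line, rule in scan(SAMPLE):
        print(f"line {line}: {rule}")
```

Line numbers in the findings refer to lines of the scanned sample, which is how an automated tool points a developer at the flaw before the program is ever built or deployed.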