Static analysis of software source code based on the Fortify Static Code Analyzer solution

Abstract

The article analyzes the problem of identifying source code vulnerabilities in the context of software development. An analysis of existing technologies for detecting vulnerabilities in the source code. Methods and means of protection of detection of source code vulnerabilities on the basis of the Fortify Static Code Analyzer solution are investigated. The purpose, main functions and architecture of the Fortify Static Code Analyzer solution are defined. Based on the research conducted in the work, a variant of the process of static analysis of the security of the source code in the context of the software life cycle was developed. Recommendations for the use of static source security analysis technology have been developed.