Enhancing Code Reviews with Static Analysis - GrammaTech

January 21, 2020

Code reviews (or inspections) are a proven, effective way to reduce defects in software projects. The defect removal rate attributable to code reviews can be as high as 75%, meaning roughly three quarters of all bugs can be found and removed during code review, within the development phase of a project.

Given the cost of dealing with bugs found during testing, or worse, in fielded products, code inspections are part of good software engineering practice.

This paper discusses how static analysis tools provide an ideal, automated companion to code reviews: they support the review process and increase its defect removal rate.
