Senior Researcher Chris Horn spoke this past Friday at AppSec California about a Secure Decisions research project to deliver unbiased measures of software static analyzer performance. Secure Decisions is creating a website called Kompar (pronounced “compare”) to catalog software analyzers and their capabilities.
The talk reviewed the benefits of static software analysis and discussed seven categories of analyzer capabilities that consumers should consider when bringing analysis into their development pipeline. Software development professionals can use the Kompar site to browse analyzer capabilities and quickly find the right analyzers for their needs.
The Kompar project is funded by the U.S. Department of Homeland Security Science and Technology Directorate (DHS S&T) via a prime contract through GrammaTech.