Software Integrity

Archive for March 2011

 

Marching for ‘false positives’ or ‘focusing on what to fix’

A short but important one, while I hop a train. Static analysis proponents, myself especially, have taken up the flag of “visibility” and paraded chanting “Customize to reduce False Positives”; I apologize. This provides tremendous benefit but misleads. Discussing the topic with @Wh1t3Rabbit, it occurred to me: time to change perception. So, why talk about […]

Posted in Static Analysis (SAST)