« Static Analysis Tools and the SDL (Part One) | Main | Firefox 3.5 0Day published »

Static Analysis Tools and the SDL (Part Two)

"Hi, Bryan here. Michael wrote last week on static analysis for native C/C++ code, and this week I’ll be following up by covering the tools we use for managed static analysis. The SDL requires teams writing managed code to use two static analysis tools: FxCop and CAT.NET. Both of these tools are freely available to the public, and both tools also integrate very nicely into Visual Studio. If you’re not already using these tools in your development process, I highly recommend downloading and evaluating them, but first let’s take a quick look at each of them."

Read more: http://blogs.msdn.com/sdl/archive/2009/07/06/static-analysis-tools-and-the-sdl-part-two.aspx


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!