An Informal Static Analysis of Publicly Available Source Code

Executive Summary

Static analysis of publicly available source code indicates that all available source code, whether proprietary, commercial, or open source, has a high probability of containing potential security issues that warrant further, detailed examination. In testing performed across approximately 10 million lines of web software source code, potentially serious issues occurred with a median prevalence of 0.48 items per 1000 lines of code.

  • Format: PDF
  • Size: 173 KB