Challenging ROI Myths Of Static Application Security Testing (SAST)
ForAllSecure
JUNE 23, 2020
Some of the industry’s best SAST checkers are designed to have FP rates below 5%, but if we use a common metric of 15-50 errors per 1KLoC as posited in Steve McConnell’s Code Complete, the number of potential defects identified by SAST on that 10MLoC is approximately 150k-500k defects! Why is this important?