Static code analysis helps identify code vulnerabilities (and performance issues) before code makes it to production. Most ‘code coverage’ tools require the full source code (compilable source code) to run analysis. However, some tools such as FxCop can work against compiled code as well.

Cross Platform – J2EE and .NET Static Code Scan

  1. SonarQube – Free
    HP Fortify –  Paid

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.

Initial Consultation

Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.