Jenkins Case Study: A Comparison of Open Source and Commercial Static Analysis Solutions – A Case of Apples and Oranges

Short Form


Comparing open source and commercial static code analysis solutions


There are numerous free open source static analysis tools on the market, but what can they find that commercial static analysis solutions don’t – and vice versa? This session will examine the defects found in Jenkins using popular open source solutions like FindBugs and those found with commercial solutions. We’ll explore specific types of defects found by open source and commercial solutions and the areas of overlap. We’ll also explore the most common defects we’ve seen in open source code through our Coverity SCAN project, which has analyzed hundreds of open source projects such as Linux, PHP, and PostgreSQL. In 2012 alone, over 20,000 dangerous defects were fixed through the SCAN program. The session will explore how the combination of open source and commercial static analysis solutions can help you lower your risk of software failure and comply with leading coding standards and best practices.

Speaking experience

Kristin has spoken at numerous industry events in the past.


  • Biography

    Kristin has over 15 years of technology expertise with a focus on static code analysis and automated testing.