Chris Wysopal recently authored an article detailing static analysis that was featured in The Testing Planet. “What is Static Analysis?” provides a comprehensive and in depth yet understandable explanation of the ins and outs of static analysis. Using graphics and examples of code, Chris begins with the loading phase and travels through the Application Modeler, Application Analyzer, and the Reporter while detailing subjects as control flow, range propagation, and triggers and risk analysis. Data injection flaws, memory corruption, information leakage, integer overflows or underflows, as well as threading and race conditions are also covered. The article can be found in the March 2012 issue of The Testing Planet, here. You can access this article directly if you are a current subscriber to Testing Planet. If you are not a current subscriber, you will need to subscribe to The Testing Planet to access the article.