Beyond Static Source Analysis
CodeSonar’s binary analysis technology can evaluate object and library files for quality and security vulnerabilities. This allows developers to evaluate third party libraries, object files and executables without access to the source code.
Although the possibility of investigating and fixing the issues might be limited, it does provide a bellwether of the quality and security of the code. For example, customers of Commercial Off The Shelf (COTS) binary products can go back to technical support of the vendor and ask for confirmation and analysis of the discovered vulnerabilities.
The following video illustrates how CodeSonar binary analysis works with some interesting examples and compares it to source analysis on the same body of code.
