...

During source code scanning, Kiuwan looks for patterns (bad smells) that do not conform to widely accepted “best programming practices”, from both security and quality points of view. We call these findings “defects” (or “vulnerabilities”, if they are related to security).

 

Info

The term “defect” has an obvious negative connotation, and some of our customers get worried when Kiuwan detects a “defect” but they do not see the reason for it. In such cases, customers usually contact us and we carefully study the case.

Solutions come in different flavors: from explaining to the customer the reason for the defect (when the rule was misunderstood) to fixing the rule code to avoid a false positive.

...

Kiuwan

...

provides useful mechanisms to manage those situations.

...

All you need is to understand what the situation is and what actions you can take.

 

An example might be helpful to understand the analysis process.

...