Abstract
A security analyzer is an automated tool for helping analysts find security-related problems in software. This article outlines what automated security analyzers can do and provides some criteria for evaluating individual tools.
Introduction
The impetus for security analyzers originally came with the realization that many software vulnerabilities are in reusable library functions, so programs could be scanned to check whether they contain any calls to those functions. This process is more or less equivalent to opening the source code in an editor and searching for the name of vulnerable functions like strcpy() and stat().