Metric Description

Assess adherence to industry standards and best practices. The higher the rating, the more compliant and future-proof your application will be.

the compliance analytic identifies API/function calls to shared libraries and assesses their compliance with security standards and best practices. Function calls to shared libraries and system calls are referenced in international standards such as Microsoft’s MSDN / CERT’s secure coding books / ISO and language specific standards.

This analytic detects use of dangerous/banned/deprecated functions, whether it is vendor specific (e.g Microsoft) or language specific (e.g C89/C++99) or domain specific (e.g. Posix 2008 v5) 19 domains are referenced.

It provides a comprehensive compliance check with 44 international coding standards.