Which technique is most effective for auditing source code security?
While manual code analysis, application penetration testing and static application security testing tools each present their own set of benefits and shortcomings, using static analysis as the foundational tool, supplemented by other ancillary options such as patch management, penetration testing, and manual source code review to conduct application code audit can help organizations to effectively locate, understand and eliminate coding errors, configuration issues and design flaws.
