Since the goal of Agile development is to have working software early, source code analysis enables developers to analyze the quality and security of code from day one of coding, one of the earliest points in the software development process.

Source code analysis (sometimes called “static analysis”) is a technology which analyzes source code for the purpose of detecting defects, understanding architecture, collecting statistics on the software and more.
One of the most prominent commercial uses of static analysis is for defect detection. Vendors like Coverity, Klocwork, Fortify Software and others have sophisticated products that analyze the structure of the code and detect anomalies that can lead to real bugs.
For instance, many of these products can analyze paths in the code to find situations where memory may be allocated but not freed, signaling a potential memory leak. There are many other types of checks that can be performed to detect program crashes, security vulnerabilities, concurrency problems and more just by examining the source code.
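An added illustration of the path analysis described above, not code from the article or from any product it names: it walks each path through a constructed control-flow graph of a hypothetical C function and reports paths that reach the exit with an allocation still live. The graph encoding, the node names and `find_leaks` are assumptions made for this example.

```python
# Constructed control-flow graph of a hypothetical C function:
#   buf = malloc(n);
#   if (read(fd, buf, n) < 0) return -1;   /* error path, no free() */
#   process(buf); free(buf); return 0;
LEAKY_CFG = {
    "entry":   {"ops": [("alloc", "buf")], "next": ["check"]},
    "check":   {"ops": [],                 "next": ["error", "process"]},
    "error":   {"ops": [],                 "next": ["exit"]},
    "process": {"ops": [("free", "buf")],  "next": ["exit"]},
    "exit":    {"ops": [],                 "next": []},
}

# Same function after the fix: the error path also frees buf.
FIXED_CFG = dict(LEAKY_CFG, error={"ops": [("free", "buf")], "next": ["exit"]})


def find_leaks(cfg, entry="entry", exit_node="exit"):
    """Return [(path, leaked_names)] for every acyclic entry-to-exit path
    on which some allocation is never freed."""
    findings = []
    # Each work item: current node, path taken so far, set of live allocations.
    stack = [(entry, [entry], frozenset())]
    while stack:
        node, path, live = stack.pop()
        for op, name in cfg[node]["ops"]:
            if op == "alloc":
                live = live | {name}
            elif op == "free":
                live = live - {name}
        if node == exit_node:
            if live:  # allocated on this path but never released
                findings.append((path, sorted(live)))
            continue
        for succ in cfg[node]["next"]:
            if succ not in path:  # do not follow back edges (loops) twice
                stack.append((succ, path + [succ], live))
    return findings


if __name__ == "__main__":
    for label, cfg in (("leaky", LEAKY_CFG), ("fixed", FIXED_CFG)):
        results = find_leaks(cfg)
        print(label, "->", results if results else "no leaks found")
```

The analysis never executes the function: the leak is found purely from the structure of the paths, which is why the error branch is flagged even if a test suite never exercises it.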