Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Your company is planning to buy one of the 2 Static Analysis Tools to find security defects in a large Java codebase. Tool A was
Your company is planning to buy one of the 2 Static Analysis Tools to find security defects in a large Java codebase. Tool A was last updated at the end of 2016, while Tool B was last updated at the end of 2015.
There was a total of 30 vulnerabilities (20 high-risks and 10 low-risk) in the codebase. However:
Tool A reported 50 vulnerabilities. It found 10 of the high-risk ones and 1 of the low risks.
Tool B reported 30 vulnerabilities. It found 5 of the high-risk ones and 8 of the low risks
Questions:
1-Compare the pros and cons of the two tools.
2-Explain which tool you would suggest to your company to buy. Justify your answer.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started