Why Static Code Analysis is Important? Pros and Cons

In the last few years, Software code quality and security have gone from being a “nice to have” to a necessity, and many organizations, including investment banks, are making it mandatory to pass static code analysis tests, penetration testing, and security testing before you deploy your code in production. Static analysis tools like findbugs and fortify are getting popular every passing day and more and more companies are making fortify scan mandatory for all new development.  For those unaware of what static code analysis is, static code analysis is about analyzing your source code without executing them to find potential vulnerabilities, bugs, and security threats.