Kompar (pronounced “compare”) is a catalog of software analyzers and information about them. We developed Kompar to help improve the quality of software through the adoption of software analysis technologies. Kompar is designed to help serious software developers make informed acquisition decisions about static analysis technology.

Static analysis, you say. What is that? It’s software programs that analyze your software programs for problems (without actually running your code).

And why static analysis, you ask, isn’t that a little bit like boxed breakfast cereal: part of a complete code quality & security solution? Isn’t it true that you can’t rely on static analysis to find all types of problems? And if you use it too much, can’t it cause more trouble than it’s worth? Yes, definitely. But, code quality and security are a real problem that needs addressing and it’s a myth to think that there are any once-and-done, silver bullet solutions. We have to start somewhere. And static analysis is a mature set of technologies that, applied correctly, can really help out.

We know from research and experience at companies like Google, Facebook, and Nortel that that correctly deployed static analysis will improve the quality and security of software with a positive return on investment (ROI). Static analysis offers an important way to detect many types of common programming mistakes early in the development process.

Unfortunately, up and until now, there has been a real shortage of quality, vendor-neutral information about static analysis tools.

Our goal is to maintain Kompar as that trusted source of information. Our goal is to help drive adoption of software analysis and improve market transparency. We aim to create informed consumers who demand that analyzer suppliers compete on what matters: feature completeness and quality of detections.

Kompar is developed and maintained by Secure Decisions, a research and development (R&D) division of Applied Visions. Secure Decisions is a leading small business developer of cyber security technologies with a strong track record of successfully commercializing our research. We apply our knowledge of human-computer interaction, cybersecurity, and software system engineering to develop visual tools that increase situational awareness, reduce cognitive load, and accelerate decision making.

Kompar would not have been possible without the sponsorship of the Department of Homeland Security, Science and Technology Directorate, Cyber Security Division (DHS S&T/CSD). We are grateful for their support.