You are tasked with ensuring the security of a software application's source code. Which of the following methodologies would be BEST to employ for a comprehensive evaluation of the code for potential security vulnerabilities without running it?
Implement fuzzing sessions to identify input that may cause crashes or unforeseen behavior.
Perform static code analysis using automated tools to review the source code for security-related issues.
Initiate a thorough manual code review where a team of developers inspects each line of code iteratively.
Carry out dynamic code analysis by executing the application in a controlled environment to find runtime vulnerabilities.
|Architecture and Design
|Operations and Incident Response
|Governance, Risk, and Compliance
|Attacks, Threats, and Vulnerabilities