Binary Code

The scope of a binary analysis is the whole application, which includes the SDKs, frameworks, and libraries.

It can be used only after the code is compiled to binary/bytecode.

Fewer false positives and negatives are detected since the compiler removes dead/unused code from the binary/bytecode.

The compiler itself optimizes the binary, which helps in discovering the security issues more accurately.

Binary analysis can easily be used along with Dynamic Application Security Testing (DAST) to detect runtime issues, memory and logical bugs.

Binary analysis is language agnostic. As long as the binary can run, it will accurately figure out all security issues.

Binary analysis is faster, convenient and accurate.

Source Code

It is limited to the visible source packages and thus may miss some vulnerabilities that end up in the compiled code.

It can be used early during coding stages and can also identify non-security or code quality issues such as duplicate code or unused code.

A lot of false positives are detected because of dead/unused code.

Security issues that occur during runtime, such as sensitive file creation, sensitive data in memory, and logical bugs via runtime, are not detected.

It is a software language-specific analysis that might lose context if different languages are used in the same application.

Source code analysis requires the source code to be shared, which is slower. Dependency on different languages makes it inconvenient. Without visibility into SDKs and libraries, the results are both false positive as well as negative.
