[2] In each of the above applications, development testing starts by defining policies that express the organization's expectations for reliability, security, performance, and regulatory compliance.
[3] The importance of applying broad set of practices is confirmed by Boehm and Basili in the often-referenced "Software Defect Reduction Top 10 List.
"[7] The term "development testing" has occasionally been used to describe the application of static analysis tools.
Numerous industry leaders have taken issue with this conflation because static analysis is not technically testing; even static analysis that "covers" every line of code is incapable of validating that the code does what it is supposed to do—or of exposing certain types of defects or security vulnerabilities that manifest themselves only as software is dynamically executed.
Code review is widely considered one of the most effective defect detection and prevention methods in software development.