The source code must contain functions, methods or fragments of code with a cyclomatic complexity (McCabe) lower than 20.
The use of McCabe cyclomatic complexity helps to measure how complex a source code is regardless of the programming language. This software metric is based on graph theory. When the code has a high level of complexity, it will be harder to analyze, understand and maintain, therefore, the time and effort needed to find and fix vulnerabilities will increase substantially.
This requirement is verified in following services
- CWE™-1120. Excessive code complexity
- CWE™-1121. Excessive McCabe cyclomatic complexity
- MITRE ATT&CK®-M1013. Application developer guidance
- NIST SSDF-PW_5_1. Archive and protect each software release
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.