Research, deep dives and strategy posts on static analysis for the age of AI pair programming.https://hyperanalyzer.org/enhttps://hyperanalyzer.org/blog/22-bugs-claude-couldnt-find/https://hyperanalyzer.org/blog/22-bugs-claude-couldnt-find/We ran a commercial static analyzer on a real production C++ codebase that Claude had been editing for months. It surfaced 22 bugs that compile cleanly, pass review, and that no LLM caught on its own. Here is what we learned.Wed, 08 Apr 2026 08:00:00 GMTcppstatic-analysisllmresearchHyperAnalyzer Teamhttps://hyperanalyzer.org/blog/mcp-is-the-missing-api-for-static-analysis/https://hyperanalyzer.org/blog/mcp-is-the-missing-api-for-static-analysis/Every static analyzer ever built was designed for humans running it in CI. The Model Context Protocol changes the contract: now the LLM is the user, and the API surface has to be redesigned around that.Sun, 05 Apr 2026 07:00:00 GMTmcpllmarchitecturetoolingHyperAnalyzer Teamhttps://hyperanalyzer.org/blog/why-curated-rules-beat-coverity/https://hyperanalyzer.org/blog/why-curated-rules-beat-coverity/PVS-Studio ships 1,234 diagnostics. Coverity has more. We deliberately ship a fraction of that and we think it is the better product. Here is the math behind the decision.Thu, 02 Apr 2026 12:30:00 GMTstrategystatic-analysissignal-to-noiseHyperAnalyzer Teamhttps://hyperanalyzer.org/blog/dllmain-loader-lock-deep-dive/https://hyperanalyzer.org/blog/dllmain-loader-lock-deep-dive/HA001 is the rule we wrote first, because every LLM-generated DLL we looked at had at least one variant of this bug. Here is what the rule actually checks, and why DllMain is so much more dangerous than its docs admit.Sun, 29 Mar 2026 09:00:00 GMTwindowsdllmaincppha001HyperAnalyzer Team