A tool for statically checking sourcecode for security vulnerabilities