Building firmware written in C/C++ can be a challenge for legacy products with complex Makefiles. Nevertheless, all source code should be statically analyzed for security vulnerabilities prior to deploying production builds. This recipe will show how to configure basic C/C++ static analysis for firmware in a continuous integration environment.