We may identify secure code vulnerabilities by using the keywords, secure code patterns and risky APIs listed in the table in the previous section. This can be a simple and quick solution to apply to any partial source code. However, the biggest problem of this approach is the false-positive rate, which needs to be optimized by defining proper secure code regular expression match patterns. We will introduce two tools that can do a quick scan of the source code, based on key secure code patterns.