Almost without exception, as soon as a new security vulnerability is reported, people ask us, “Could a static analysis tool have found that bug?” Yesterday was no different when Poodle was announced.