Compilers and Static Code Analyzers have a lot in common. In fact, Fortify SCA internally leverages open source compilers in the first stage of the analysis for several languages (e.g. Java, Kotlin). The key difference is what happens after the initial parsing and resolution stages. Compilers would then proceed to output binary or byte-code, where Static Code Analyzers will run multiple analysis algorithms on the data to find security vulnerabilities. Compilers may be doing some quality checking as part of their process (e.g. warning for unused variables or similar bad-practices), but they don't do the type of security analysis that static analysis tools do.