Browse archive

Latest news

Fighting cybercrime is on the right track

Google set to upgrade its SSL certs

IT security pros have trouble communicating with executives

Zeus variants are back with a vengeance

Facebook phishers target Fan Pages owners

Killer apps: The performance of networked applications

Is it time to professionalize information security?

Google researcher reveals another Windows 0-day

Twitter finally offers 2-factor authentication

DHS employees' info possibly compromised due to system flaw

Teens are into online sharing, but are also more privacy-aware

The dangers of downloading software from unofficial sites

Microsoft decrypts Skype comms to detect malicious links

Review: Logging and Log Management

Hacking charge stations for electric cars

Coverity releases development testing platform

Posted on 01 October 2012.

Coverity announced the next generation of its Coverity Development Testing Platform, an integrated suite of software testing technologies for identifying and remediating critical quality and security issues during development.

Coverity Test Advisor includes patent pending innovations for change impact analysis to focus unit testing on high risk code, including changed code and code impacted by a change, alerting developers of code not covered by unit tests.

Coverity has extended its Static Analysis Verification Engine (Coverity SAVE), built on multiple patents for accurate and scalable techniques in defect detection, with new analysis innovations including:

Patent Pending Change Impact Analysis: Ensure code changes are sufficiently tested by automatically mapping code and function dependencies to analyze impacted code related to a change—both code that has been directly modified and unmodified code that is impacted by the code change.
Intelligent Java Quality and Security Analysis: Identify critical quality and security issues through enhanced quality analysis and new security analysis for Java web applications, including an enterprise framework analyzer which augments static source code analysis to identify new types of defects and minimize false positives.

Coverity provides developers with accurate and actionable information to fix quality defects, security defects, test violations and third party analysis defects in a unified workflow.

The platform includes a patent pending remediation engine that gives developers precise, defect-specific guidance to help them fix security defects correctly and efficiently, without specialized knowledge.

Additional highlights include:

CWE-Compatibility: Coverity Quality Advisor and Coverity Security Advisor have been awarded a certificate of Common Weakness Enumeration (CWE) Compatibility by MITRE.
Open Platform API: Companies can integrate third-party software analysis results into the Coverity Development Testing Platform.

Business innovation relies on rapidly changing, adaptive software, and effective, targeted quality strategies demand visibility into code changes and their impact," said Melinda Ballou, Program Director of IDC's Application Life-Cycle Management and Executive Strategies service. "Fragmented approaches to quality, security and change management are expensive and can lead to prohibitive application failure and wasted resources. We recommend bringing these areas together with an integrated workflow and coordinated platform."