Coverity Adds GitHub, Travis CI Integrations, Updates Testing Platform

By Darryl K. Taft  |  Posted 2014-02-03 Print this article Print

"As software continues to drive innovation and competitive advantage, organizations must integrate testing earlier in the development process to help ensure high quality and the security of their source code," Melinda Ballou, program director for IDC's Application Lifecycle Management and Executive Strategies service, said in a statement. "And with increasing deployment complexity across mobile, cloud and social platforms and pressure for quick release cycles, it's more important than ever that teams have visibility into risk and use that intelligence to focus and prioritize their testing efforts. Features such as those offered by Coverity 7, including expanded Java and C# testing capabilities and broad programming language support, can help development teams release better quality software faster and more efficiently."

New features in the Coverity platform include 21 new and enhanced C# analysis algorithms as well as new and expanded coverage for the Open Web Application Security Project (OWASP) Top 10 and Common Weakness Enumerations (CWE) security vulnerabilities in Java applications. It also features 17 new and enhanced analysis algorithms for Java and C/C++ codebases, making it easier to find critical issues that could lead to crashes, inaccurate calculations or unpredictable behavior.

In addition, new security audit and compliance views and reports within Coverity Connect and Coverity Policy Manager make it easy to zoom into security issues identified, fixed and outstanding, as well as report on compliance with regulations and standards such as the Payment Card Industry Data Security Standard (PCI DSS) and the OWASP Top 10.

The new release also features new Coverity Test Advisor integrations with the Eclipse and Microsoft Visual Studio integrated development environments (IDEs) to provide developers with intelligence into which unit tests they need to write and run based on the impact of a code change, right from the developer's desktop. In addition, Coverity Test Advisor has expanded support for unit test analysis on devices that run on the Android and Wind River platforms.

Moreover, the Coverity platform 7.0 enables developers to import defects into SonarQube, a popular open-source quality management platform used in Java development, to view and manage a broader range of defects in Java applications within a single workflow. And the Coverity platform now supports the Clang compiler, which is rapidly growing in popularity for mobile and Web application development, and is commonly used in Objective-C and C/C++ software development.

"The risks associated with poor software quality and security have never been greater, and the need for development testing in this world of Agile and continuous software delivery is business-critical to reducing this risk," Bettencourt said. "Our mission is to empower the 11 million professional software developers in the world to create better software, and deliver more value to customers, every day. We applaud the more than 1,100 Coverity customers and 1,000 open-source projects that rely on our platform to help them deliver innovative products to the market, faster for competitive advantage."

"When Eric Lippert joined Coverity last year, it was a win for the entire C# development community," said Andreas Kuehlmann, senior vice president of research and development for Coverity. "Eric has been able to apply his deep expertise of C# built over his 16-year tenure at Microsoft, part of which was as a principal developer of the C# compiler, to our existing strength and innovations in static analysis technology."



Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel