Mozilla Developers Use Coverity Technology to Help Enhance the Popular Firefox Web Browser
Coverity Software Used to Analyze Nearly Two Million Lines of Firefox Code

SAN FRANCISCO, Aug. 15 – Coverity, Inc., makers of the world’s most advanced and scalable source code analysis solution, today announced the participation of the Mozilla project in a program to help improve the quality of the open source Firefox Web browser using Coverity’s source code and static analysis software.

Firefox recently became one of over 50 major open source packages analyzed by Coverity as part of a three-year contract awarded by the US Department of Homeland Security Science and Technology Directorate under its “Vulnerability Discovery and Remediation Open Source Hardening Project.” In March 2006, Coverity began conducting regular scans of popular open source packages such as Firefox, Ruby, Perl, and Linux in an effort to better secure the software that powers critical infrastructure.

“Organizations should implement source code security scanning tools as part of the software development life cycle to find and fix the highest number of security issues early in the project,” said Amrit T. Williams, Research Director, Security & Privacy, Gartner, Inc. “This will result in a higher quality product and lower overall application life cycle costs.”

Coverity’s flagship product, Coverity Prevent, scales to analyze millions of lines of code with 100 percent path coverage and is capable of detecting complex concurrency errors such as race conditions and deadlocks not easily identified or tested in normal use of the product.

“Firefox’s success and growth is the result of our great community of users and developers that not only help discover and respond quickly to stability and security bugs, but provide new perspectives and ideas to improve the quality of Firefox,” said Chris Hofmann, director of Special Projects at Mozilla “Coverity is one of the many valuable resources our developers are now able to draw on to help fine tune Firefox.”

“The results of our analysis have shown that the Firefox browser is very high quality software, especially given how complex it is,” said Seth Hallem, CEO of Coverity. “More importantly, the Firefox team is proving that they take the quality and security of their code very seriously. By integrating source code analysis into their development process, they are demonstrating a commitment to sound development practices and to the steady improvement of their software.”

Firefox has been widely praised for its stability, trustworthiness and innovative features including tabbed browsing, live bookmarks, built-in pop-up blocking, and hundreds of available extensions. SC Magazine, a leading security magazine, awarded the Mozilla Foundation with its Editor in Chief award in 2005.

For more results from Coverity’s DHS-sponsored open source scans, visit http://scan.coverity.com/.

About the Mozilla Foundation
Established in July 2003, the Mozilla Foundation is a non-profit organization hosting a collection of leading innovators whose mission is to preserve choice and innovation on the Internet. The Foundation provides organizational, legal, and financial support for the Mozilla open source software project. The Foundation is based in Mountain View, California. Learn more about the Mozilla Foundation at http://www.mozilla.org .

About Coverity
Coverity (www.coverity.com), maker of the most advanced source code analysis solution, is a privately held company headquartered in San Francisco. Coverity’s ground-breaking technology removes the barriers to writing and delivering complex software by automatically finding critical software defects and security vulnerabilities as the software is written. More than 100 leading companies choose Coverity because it scales to tens of millions of lines of code, has the lowest false positive rate and provides 100 percent path coverage. Companies like Juniper Networks, Symantec/VERITAS, McAfee, Synopsys, NASA, Palm, and Wind River work with Coverity’s tools to eliminate security and quality defects from their mission-critical code and make their products Coverity Clean.

NOTE: Coverity is a registered trademark, and Coverity Extend and Coverity Prevent are trademarks of Coverity, Inc. All other company and product names are the property of their respective owners.

Mozilla Foundation Media Contacts

Judi Palmer
A&R Edelman
jpalmer@ar-edelman.com
+1-650-762-2812

Coverity Media Contacts

Craig Oda
Page One PR for Coverity
coda@pageonepr.com
+1 650-218-9235

Russ Wood
Director, Corporate Marketing
rwood@coverity.com
+1 415-694-5304