Coverity to Regularly Scan Security and Quality of 250 Open Source Projects
New framework allows rapid expansion of scan.coverity.com - 400 percent Increase in 45 Days

SAN FRANCISCO and MONTREAL, May 1, 2007 – Coverity, Inc., makers of the world's most advanced source code analysis solution, today announced a major infrastructure upgrade to scan.coverity.com, an open source software quality and security analysis site. The upgrade will enable the rapid expansion of the site, including regular additions of hundreds of new open source software projects. Coverity will use the new infrastructure to add 100 new open source graphics projects to the site on May 4th, 2007, coinciding with the start of the open source Libre Graphics Meeting in Montreal, Canada.

This is the first time that Coverity is focusing on improving the quality of end-user professional applications such as the open source Blender 3d suite used to create computer animation in movies. Other projects to be analyzed include the GNU Image Manipulation Program (GIMP), an open source photo retouching package, and Inkscape, a vector graphics program. The new expansion is in response to the spread of open source software into all areas of the world economy, including the multi-billion dollar industry around professional graphics software.

The collaborative spirit of the open source development community leads members to work on multiple projects. Bryce Harrington, one of the project leaders for Inkscape, previously used scan.coverity.com when testing the performance of NFS.

“Coverity has again showed its good will in analyzing open source graphics projects as part of their efforts with Scan,” said Harrington. “As a test engineer at the Open Source Development Labs, I have been using the defects Coverity reported for Linux NFSv4. The way Coverity's product communicates information about every reported defect is especially valuable. It's rare to find this level of information in tests typically available to open source developers.”

The new framework will enable scan.coverity.com to take full advantage of the latest advances in Coverity's recently announced Prevent™ to further the work that was started in using Coverity Prevent last year. On March 27, 2007, Coverity announced the addition of 100 new key open source libraries and infrastructure components. Today's announcement of an additional 100 open source graphics applications brings the total number of packages under regular analysis to 250.

“With this new infrastructure, we are prepared to expand Scan even further and demonstrate the scalability of Coverity Prevent while helping even more open source projects. Our analysis of these 250 open source projects will demonstrate that reliable software is an achievable goal when using advanced development tools like Prevent,” said David Maxwell, open source strategist for Coverity. “Scan's developers have told me that their programming habits have improved. They are more careful to avoid introducing new errors in their codebase because they know those issues will be found.”

David Maxwell will be providing details about the expansion of the scan.coverity.com site on May 4, 2007 at 11:20 a.m. at the Libre Graphics Meeting in Montreal, Canada, located at the Ecole Polytechnique de Montreal. More information on the talk and the conference is available at http://www.libregraphicsmeeting.org.

More information about the scan project and a list of the new projects under analysis will be available at http://scan.coverity.com.

About Coverity
Coverity (www.coverity.com), the leader in improving software quality and security, is a privately held company headquartered in San Francisco. Coverity's groundbreaking technology removes the barriers to writing and delivering complex software by automatically finding and helping to fix critical software defects and security vulnerabilities as the software is written. More than 200 leading companies choose Coverity because it scales to tens of millions of lines of code, has the lowest false positive rate and provides 100 percent path coverage. Companies like Juniper Networks, Symantec/VERITAS, McAfee, Synopsys, NASA, Palm and Wind River work with Coverity's tools to find and fix security and quality defects from their mission-critical code.

Coverity is a registered trademark, and Coverity Extend and Coverity Prevent are trademarks of Coverity, Inc. All other company and product names are the property of their respective owners.

Media Contacts

Russ Wood
Director, Corporate Marketing
rwood@coverity.com
+1 415 694 5304

Craig Oda
Page One PR for Coverity
coda@pageonepr.com
+1 650 565 9800 x702