Key Capabilities of Coverity Prevent™ Static Analysis for C/C++

To deliver the most reliable and secure C/C++ code, it's not enough to simply flag as many potential bugs as possible. Only when developers can actually start fixing bugs and improving software quality, do you truly realize the value of effective static analysis. Coverity Prevent offers these key capabilities:

• Unmatched Accuracy

  Out of the box, Prevent features the lowest false positive rate in static code analysis — an average of about 15% — and many users report even better results. Our Path Simulation engine uses effective techniques such as interprocedural analysis and statistical analysis to detect only the critical bugs that matter most to developers. Additionally, Coverity’s proprietary Boolean Satisfiability engine improves results even further to provide the highest level of precision technically possible.

• Comprehensive Analysis

  Prevent finds quality defects that can cause system crashes, memory leaks, memory corruption, unpredictable behavior and security vulnerabilities such as buffer overflows and command injection attacks. It is also the most effective solution for detecting hard-to-find concurrency defects in multi-threaded applications such as deadlocks and race conditions. Furthermore, Prevent identifies inconsistencies in company-specific APIs to find defects that typically slip through both QA and security audits and get released into the field. Prevent maps out and analyzes the entire build system, with 100% execution path and data coverage.

• Easy Integration & Scalability

  Prevent integrates seamlessly with a wide array of different build systems and compilers. It can be deployed and configured for your existing environment rapidly, allowing you to immediately begin improving software integrity and decreasing development time. With complex code becoming ever more pervasive, Prevent offers another significant advantage – scalability that allows you to analyze large source code bases within a small multiple of the build time, typically covering millions of lines in just hours.

• Extensibility & Flexibility

  Prevent can meet the unique needs of your development team and code base. It offers the flexibility to perform code analysis on the central build systems or locally on the desktop so that you can ensure code quality before and after check-in. The customizable workflow can be adapted to mirror your existing development process. Individual developers can sync their own work with Prevent’s centralized system to create a collaborative environment. You can also create custom checkers on top of our powerful analysis engine to detect defects specific to your applications, and set custom rules to enforce coding standards particular to your organization.

Contact us to find out how Coverity Prevent can shorten your development cycles and help you deliver more reliable, secure software.