Identify Critical C/C++ Defects

Using a comprehensive representation of your entire system based on the Software DNA Map™ analysis system, Coverity Prevent™ detects critical quality, security and concurrency defects at the earliest stage in the development cycle. The only provider of path simulation (through dataflow analysis) plus Boolean Satisfiability (SAT) solving, Coverity achieves 100% coverage of code and execution paths to deliver the deepest, most comprehensive and most accurate C/C++ static analysis available – with the lowest possible false positive rate.

Prevent finds critical software defects.

  • Software Quality – memory leaks and memory errors, logic errors, pointer errors, etc.
  • Security Vulnerabilities – buffer overflows, command injection attacks, etc.
  • Concurrency Defects – deadlocks, race conditions, etc.
See examples of C/C++ defects detected by Prevent

Prevent detects hard-to-find bugs that often get released into the field.

  • Modular analysis architecture offers the most comprehensive static analysis available.
  • Coverity continually builds additional checkers targeted at specific categories of defects.

Sophisticated proprietary technology ensures unmatched coverage, accuracy and depth.

  • Path Simulation

    Prevent's Path Simulation engine simulates 100% of all data paths through a program, allowing it to detect a wide range of defects pertaining to resource allocation, pointer manipulation, buffer and string usage, and tainted data handling. Prevent also incorporates proven techniques such as interprocedural (whole program) analysis, which reviews complex call chains at any depth across files and modules, and statistical analysis, which helps Prevent infer correct behavior based on previously observed behavior. Additionally, Coverity's false path engine solves each branch condition to determine if it will be true, false, or unknown on the current path.

  • Boolean Satisfiability (SAT)

    Long used by electronic design automation (EDA) companies for digital circuits, only Coverity uses this technique in C/C++ static analysis. Our groundbreaking technology first generates a bit-accurate representation of your system from the Software DNA Map analysis system. Every relevant operation is then translated into Boolean variables (e.g. true and false) and Boolean operators (e.g. AND, NOT, OR), which are translated into formulas that are analyzed by SAT solvers. The SAT engine significantly improves testing accuracy by detecting critical arithmetic and logic problems like integer overflows and buffer overflows.

Contact us to find out how Coverity Prevent can shorten your development cycles and help you deliver more reliable, secure software.

Email

sales@coverity.com

Phone

+1 (415) 321-5237 (International)
(800) 873-8193 (U.S. toll-free)

Free Product Trial

Get a free trial of Prevent static analysis that will detect a wide range of crash-causing defects in your code base within hours. Get a Free Product Trial
“After evaluating available tools on the market, Juniper Networks chose Coverity because of its ease of use, low false positive rate, and the quality of defects detected.”
Juniper - static code analysis by Coverity Inc
whitepaper
White Papers
Read "Scan Open Source Report"