Coverity, Inc., the leader in development testing, today announced its Certified Partner Program, which expands its development testing ecosystem by integrating multiple types of code quality, security and compliance analysis solutions into the Coverity Development Testing Platform workflow. With these integrations, issues identified by industry-leading third party analysis solutions are surfaced alongside issues identified by the Coverity platform for a unified view of software risks. By viewing and managing issues identified by multiple code analysis solutions within a single workflow, development can meet rapidly increasing business demands for high-quality, secure software delivery faster, more efficiently and with greater confidence.
“As development organizations adopt multiple best-of-breed analysis solutions to gain intelligence into code – and risks – they quickly find the management of multiple point solutions is neither effective nor efficient,” said Jennifer Johnson, chief marketing officer for Coverity. “The Coverity Development Testing Platform is embedded in the software development workflow at more than 1,100 of our customers, enabling development to find and fix critical quality and security issues as code is written. With the introduction of the Coverity Certified Partner program, we are making it as easy as possible for our customers to find and fix an even wider range of software risks in their existing development workflow, quickly and efficiently.”
The Coverity Certified Partner Program includes a range of industry-proven code testing solutions. New partner integrations include the Black Duck Suite from Black Duck Software, which automates open source governance and compliance, and QA·C, QA·C++ and QA·Verify from PRQA | Programming Research, which identify coding standards and best practice compliance issues with MISRA (Motor Industry Software Reliability Association) and other key standards. Other integrations include NTOSpider from NT Objectives, which identifies security issues through Dynamic Application Security Testing (DAST), as well the open source FindBugs tool, which identifies coding best practice issues in Java codebases.
“The benefit of using open source in projects is undeniable, and so is the need for visibility as early as possible in the software development lifecycle to ensure compliance with licenses, obligations and company policies. By becoming a Coverity Certified Partner, Black Duck is able to offer a truly integrated governance solution for the Coverity Development Testing Platform, enabling our mutual customers to fully realize the power of open source technologies and methods to achieve business objectives faster,” said Phil Odence, Vice President of Corporate and Business Development for Black Duck.
“Organizations across a wide variety of industries incorporate coding guidelines and other best practices as part of their development process, and utilize QA·C, QA·C++ and QA·Verify to achieve compliance to MISRA C, MISRA C++, JSF AV C++, CERT C, HICPP and other custom coding standards. By becoming a Coverity Certified Partner, we are able to easily integrate the results of our analysis into the Coverity Development Testing Platform, providing additional visibility into standards compliance and other coding best practices,” said John McConnell, Marketing Director for PRQA.