Coverity™ Introduces New Static Analysis Solution for C#

Coverity™, Inc., the leader in improving software quality and security, today announced Coverity Prevent™ for C#. The product utilizes a new analysis engine developed by Coverity’s research and development lab that is designed specifically for detecting defects in applications built on Microsoft’s .NET framework. Prevent for C# expands the language coverage of Coverity’s static analysis products, and brings the company’s proven expertise in automatic defect detection to developers programming in C#. Over 450 development organizations currently use Coverity Prevent to ensure the quality and security of their C/C++ and Java code.

“To remain competitive, software development team leads need to stock their developer’s tool-box with advanced technology to maintain or improve productivity that helps them deliver higher quality code to everyone upstream,” said Theresa Lanowitz, founder of voke, a technology analyst firm. “As a language, C# is playing an increasing role in failure-intolerant devices, particularly in the embedded space. Coverity’s expertise in static analysis will be a welcome addition to the tool-box of any C# developer.”

Unlike other static tools that simply extend existing analysis capabilities to encompass a new language, Prevent for C# is based on an entirely new analysis engine designed and optimized for Microsoft .NET-based applications. It seamlessly handles features of the C# language such as operator overloading, properties, and idioms for iteration and resource management. Prevent for C# also automatically finds third party .NET assemblies to ensure a complete analysis result, no matter how complex the application.

Coverity Prevent for C# automatically analyzes large, complex C# code bases and detects critical, must-fix defects that could lead to system failures, memory corruption or performance degradation. Because the product is the only C# static analysis tool to deliver 100% path coverage, it delivers the most comprehensive and accurate C# source code analysis. Prevent for C# requires no changes to existing build processes or code, and easily integrates into existing build processes and requires little or no additional hardware. Key capabilities of Prevent for C# include: Detect Critical Defects – Automatic detection of defects in C# source code that can cause crashes, performance degradation and incorrect program behavior

  • 100% Path Coverage – Analysis of every path in C# code bases, ensuring
    that all possible execution branches are followed
  • Low False Positive Rate – Accurate, actionable results help developers
    immediately begin improving the quality and security of their code
  • Flexible Workflow – Defect Manager product interface allows teams to
    collaboratively view analysis results, triage defects, assign ownership, and
    provides comprehensive workflow capabilities
  • Highly Scalable – Millions of lines of code can be analyzed in a matter of

“Coverity developed Prevent for C# in response to requests from our existing customer base and the growing use of the .NET application framework in mission-critical systems where software defects can be tremendously costly,” said Andy Chou, chief scientist and co-founder at Coverity. “Delivering new technology so that our static analysis product line covers C, C++, C# and Java is a significant milestone on our roadmap for our flagship static analysis solution.”

Pricing and Availability

Coverity Prevent for C# is priced based on project size and will be available in July, 2008. For more information, visit: