Coverity Code Advisor

The Coverity® Code Advisor solution is comprised of Coverity Quality Advisor and Coverity Security Advisor. The solution surfaces quality and security defects in the developer workflow, with accuracy and actionable remediation guidance.

  • Arm your developers with the information they need to troubleshoot and fix critical defects quickly and efficiently.
  • Build quality and security into development to reduce the cost of rework and delayed time to market resulting from defects found late in the cycle.
  • Reduce the risk of costly and brand-damaging software failures and security breaches in the field or in production.

Intelligent
Code Analysis

The Coverity Code Advisor solution helps reduce risk and lower overall project cost by identifying critical quality defects and potential security vulnerabilities during development. The solution utilizes sophisticated source code analysis to find the most critical defects in highly complex code bases, leveraging patented techniques for deep analysis and accurate issue detection.

The Coverity Code Advisor solution finds critical issues such as:

  • API usage errors
  • Best practice coding errors
  • Build system issues
  • Buffer overflows
  • Class hierarchy inconsistencies
  • Code maintainability issues
  • Concurrent data access violations
  • Control flow issues
  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Deadlocks
  • Error handling issues
  • Hard-coded credentials
  • Incorrect expression
  • Insecure data handling
  • Integer handling issues
  • Integer overflows
  • Memory – corruptions
  • Memory – illegal accesses
  • Null pointer dereferences
  • Path manipulation
  • Performance inefficiencies
  • Program hangs
  • Race conditions
  • Resource leaks
  • Rule violations
  • Security best practices violations
  • Security misconfigurations
  • SQL Injection
  • Uninitialized members

Efficient Issue
Management

Coverity Connect is the collaborative issue management console that efficiently manages all issues surfaced by Coverity development testing solutions to resolution within a unified workflow.

This includes:

  • Prioritization and filtering based on criticality and impact.
  • Source code navigation to identify the exact path to the defect.
  • Patent-pending remediation engine enables security vulnerabilities to be quickly addressed without requiring deep domain expertise.
  • Automatic identification of every occurrence of a defect across branches.
  • CWE Compatible mapping and knowledge base for each defect.
  • Automatic assignment of defects to the appropriate developer.

 

Analysis Packs

In addition to quality and security defects identified through the Coverity Code Advisor solution, you can seamlessly integrate additional analysis results to efficiently manage multiple types of issues to resolution within a unified development testing workflow.

Coverity offers the following analysis packs:

Coverity Dynamic Analysis: Identify concurrency issues such as race conditions, deadlocks and resource leaks by analyzing Java programs as they run. View and manage both static and dynamically identified quality defects in a single workflow.

Coverity Architecture Analysis: Visualize the code structure to identify dependency conflicts and interface violations, detect architectural flaws that could create exposure, manage code complexity and enforce architectural design rules.

Analysis Integration: Manage FindBugs and FxCop defects in the same workflow as defects found by Coverity development testing solutions, providing your developers with a single workflow for finding and fixing defects.

SDLC
Integrations

We know you probably use multiple analysis tools – no one tool can find every type of defect. That’s why our platform is open, so you can import third party analysis results into our workflow to view and manage all types of defects in the same way. Your developers are more productive by not having to deal with multiple tools and workflows. And you get a single view of software risks.

Our platform works seamlessly within your current process and integrates with the most popular development tools and technologies, to make development testing a natural part of the SDLC process.

Coverity supports integrations with the critical tools and systems used to support the development process, including:

  • IDEs to surface and remediate defects before code check in, right at the desktop.
  • Code coverage and test execution frameworks to help focus testing efforts.
  • Source control management to map defects to code changes and responsible developers.
  • Bug tracking to link defects to your overall defect management process.
  • Build and continuous integration to automatically test for defects with every build or as part of an Agile process.
  • ALM solutions for increased traceability and collaboration with QA.

Check out our full list of SDLC integrations.

Get
Started

Contact Sales

Contact Sales

To learn more about the Coverity Development Testing Platform, please contact us directly.

U.S. Toll Free: (800) 873-8193

International Sales: +1 (415) 321-5237

CONTACT SALES

Ask a Question

Ask a Question

Network, collaborate, and share with a community of experts.

VISIT THE COMMUNITY

Request a Free Trial

Request a Free Trial

The trial process provides a similar experience to a real-world deployment, without disrupting your current processes or production environment.

REQUEST A FREE TRIAL

Schedule a Demo

Schedule a Demo

Register for a 30-minute demo. Talk to our development testing experts. See how we can help your organization.

REQUEST A DEMO

Resources

WHITE PAPER

Development Testing for C# Applications

READ NOW

WHITE PAPER

Development Testing for Java Applications

READ NOW

WHITE PAPER

Development Testing for Agile Enterprises

READ NOW