Jump to content
Coverity® Security Advisor surfaces security defects in the developer workflow, with accuracy and actionable remediation guidance.
Security Advisor helps organizations lower their risk and decrease project costs by identifying critical defects that could lead to security vulnerabilities during development.
Security Advisor utilizes the Coverity® Static Analyis Verification Engine (Coverity SAVE®) to intelligently test code with a deep understanding of behavior and criticality to accurately identify defects in both C/C++ embedded applications and Java web applications, including buffer overflows, integer overflows, format string errors, injection errors such as SQL injection and cross-site scripting (XSS).
One of the primary reasons that legacy security tools have failed in development is due to high false positives, or inaccurate results. We designed and built our engine from the ground up to address the complexity of today's modern applications which leads to more accurate results.
Coverity SAVE analysis innovations for Java web application security include:
Coverity® Connect is the collaborative issue management console to efficiently manage all issues surfaced by Quality Advisor, Security Advisor and Test Advisor to resolution within a unified workflow.
To learn more, visit Coverity Connect.
Remediation Engine – Patent Pending:
Another key reason legacy security tools have failed in development is because they require security expertise and lack actionable remediation guidance. Through a deep understanding of the code and application, the Security Advisor remediation engine provides precise guidance with specific information about the right way to fix a defect and the best place to fix it in the code. This ensures your developers remediate defects faster, and ‘get it right the first time’.
Security Advisor provides bi-directional integration with existing lifecycle tools to make development testing a natural part of the SDLC process.
Coverity supports integrations with the critical tools and systems used to support the development process, including:
Check out our full list of SDLC integrations.
To learn more about the Coverity Development Testing Platform, please contact us directly.
U.S. Toll Free: (800) 873-8193
International Sales: +1 (415) 321-5237
Network, collaborate, and share with a community of experts.
The trial process provides a similar experience to a real-world deployment, without disrupting your current processes or production environment.
Register for a 30-minute demo. Talk to our development testing experts. See how we can help your organization.
Forrester Consulting -- The Software Security Risk Report
The Road to Application Security Starts in Development
The Great Security Divide – Bridging the Chasm Between Security and Development
Reduce Your Costs: Eliminate Critical Security Vulnerabilities with Development Testing