Coverity Resource Library

Welcome to the Coverity Resource Library where you will find up-to-date information, best practices, tips & tricks and industry research on software testing.

FEATURED CASE STUDY

CERN uses Coverity to help find and fix more than 40,000 defects in the Large Hadron Collider software, helping CERN precisely analyze data from 600 million proton collisions per second in its quest to find new scientific discoveries about the universe.



Resources By Type

Case Studies

  • sap11.png

    SAP Runs Coverity [VIDEO]

    Watch a brief video interview with SAP’s Chief Product Security Officer and TIP Governance & Code Analysis Team Lead, who explain how Coverity helps ensure product security at SAP.

  • novell_logo.png

    Novell Drives Software Quality with Coverity [PDF]

    Thousands of organizations use Novell’s collaboration, endpoint management and file and networking products to become more productive, secure and manageable. With Coverity, Novell has seen enhanced developer productivity, faster time-to-market and greater customer satisfaction.

  • schneider.png

    Schneider Electric Trims Hours with Coverity [PDF]

    Read how Schneider Electric was able to trim the engineering hours required to fix critical defects from 2 days to 15 minutes per defect with Coverity, realizing a savings of 2,520 developer hours.

  • direct-edge.jpg

    Direct Edge Accelerates Time to Market with Coverity [VIDEO]

    Direct Edge, the fourth largest equities exchange in the world, relies on Coverity to help transform its organization by re-architecting development and QA to work more collaboratively together, turn software testing into a proactive process and create a predictable software delivery process.

  • nasa1.png

    NASA Jet Propulsion Lab Relies on Coverity for Curiosity Rover [VIDEO]

    Watch a brief video interview of Jennifer Johnson, VP marketing at Coverity, explaining how the NASA Jet Propulsion Laboratory Relies on Coverity to ensure the seamless touchdown and operation of the Curiosity Rover. Coverity is honored to have been able to contribute to this significant scientific achievement and help NASA unlock the secrets of whether life ever existed on Mars.

  • Logo_Qosmos1.png

    Qosmos Selects Coverity [VIDEO]

    Watch a brief video interview of Erik Larsson and Jérôme Tollet from Qosmos who have deployed Coverity Development Testing to ensure software quality for industry leading network intelligence and Deep Packet Inspection (DPI) technology.

  • Logo_CERN1.png

    CERN Improves Scientific Research with Coverity [VIDEO]

    Watch this interview with Axel Naumann from CERN, the European Organization for Nuclear Research. Hear Axel describe how Coverity has improved the integrity of the source code found across projects analyzing data from CERN’s Large Hadron Collider.

On Demand
Webinars

  • Avoiding the Most Common Defects in C# Code

    Threading issues, resource leaks, null dereferences, oh my! C# is designed to be a safer programming language than C, yet developers are still getting themselves into trouble with these all too common issues. Listen to this webinar to learn advances in semantic analysis and key tips and tricks for eliminating the most common defects in C# code.

  • Best Practices for Development Testing in Agile Environments

    Development testing is increasingly becoming a core discipline that software developers are incorporating into their daily routines. Watch this on-demand webinar to hear best practices for implementing development testing in Agile environments.

  • Best Practices for Becoming Coverity Clean

    Learn how SIGMA3, a leading provider of GeoEngineering solutions for the E&P industry, became “Coverity Clean”  as part of their overall commitment to product quality and to ensure their clients experience minimal Non-Productive Time (NPT) due to software defects.

  • 5 Tips from Intuit for Implementing Static Code Analysis

    Poor software quality has become one of the most expensive topics in human history with costs exceeding $500 billion per year worldwide. However, 97% of software defects can be removed through  code review, static analysis and unit testing. Learn how the implementation of static analysis at Intuit led to reduced technical, improved code quality and enhanced customer satisfaction.

  • Breakthroughs in Semantic Analysis of C#

    Static analysis shouldn’t be about finding pounds of coding style or standard issues. It should be focused on finding the most critical – potentially crash causing defects. Learn more about the latest advances in modern static analysis techniques and the crash causing issues they can find.

  • Top 5 Things Every C# Developer Needs to Know

    C# has become increasingly popular and complex, putting applications and organizations at risk for software failures. Learn how you can gain deeper intelligence into your code to avoid critical crash causing defects.

  • Bridging the Quality Gap – from Mainframe to Open Systems

    Learn about the Coverity and EZSource integration that enables organizations to perform cross platform and cross application analysis, and provides recommendations for remediation with deeper insight into critical quality and security issues.

  • Java Web Security By Example

    Learn how to exploit security vulnerabilities that are commonly found in the arsenal of malicious attackers. You’ll see how to hack a real world open source application and explore bugs in commonly used open source frameworks.

  • Improve Your Test Coverage by Testing What Matters Most

    Hear how ACE narrowed the scope of testing and identified 605 functions that were critical to fully test by prioritizing the critical components and filtering out those that were unnecessary to test with Coverity Development Testing.

White Papers

  • Accelerate Time to Market with Change Impact Testing

    QA teams don’t have time to test everything yet they can’t afford to ship buggy code. Learn how Coverity can help organizations shrink their testing cycles and reduce regression risk by focusing their manual and automated testing based on the impact of change.

  • Development Testing for C# Applications

    Static analysis shouldn’t be about finding pounds of coding style or standard issues – it should be focused on eliminating critical issues in your code. Learn how the Coverity platform can help find and fix high-impact, crash causing defects in your C# code.

  • Development Testing For Competitive Advantage

    Regardless of industry, more companies are finding themselves in the business of software. Learn how and why industry leaders such as Saro Jahani, CIO of Direct Edge, are turning to development testing for competitive advantage.

  • Transforming Testing Through Automation

    Learn about Coverity’s journey to transform its testing processes through automation and the impact it’s had on the people, processes and technology.

  • Fixing XSS: A Practical Guide for Developers

    This guide exposes the most common remediations to use when developing a web application in order to fix XSS. Discover the 13 common locations where dynamic data can appear in a web page.

  • Development Testing For Java Applications

    Learn how the Coverity Development Testing Platform can be used in conjunction with open source solutions to help you fix more of the quality and security issues in your Java code that matter, with your existing resources and a unified process across the enterprise.

  • PCI Compliance Starts at the Source

    As compliance and software security become more intertwined, software security is being driven by compliance needs.  This paper outlines the PCI DSS requirements around application security and how they can be effectively addressed with Coverity Development Testing to realize time, resource and process efficiencies.

  • Development Testing for Agile Enterprises

    Companies need to get their products to market faster to remain competitive and capitalize on market opportunity. Learn how the Coverity platform seamlessly integrates with Agile development methodologies and tools to help maximize development efficiencies.

  • Supporting ISO 26262 with Coverity Development Testing

    The International Organization for Standardization, ISO, has put forth ISO 26262 for road vehicle functional safety. It was created to provide guidance to avoid risk of systematic failures and random hardware failures through feasible requirements and processes.

Demos

  • Coverity Test Advisor – QA Edition

    Learn how Coverity Test Advisor – QA Edition enables Quality Assurance (QA) to reduce overall testing time by focusing on software code impacted by change and eliminating testing gaps.

  • Coverity Platform Overview – A Manager’s Perspective

    Learn how you can use the Coverity Development Testing Platform to take control of your development efforts: gaining visibility into risk, driving developer accountability for code quality and security, and improving the predictability of releases.

  • Coverity Platform Overview – A Developer’s Perspective

    Developers need to deliver more innovation with the same amount of resources. And that creates risk of software defects and security vulnerabilities escaping into the field resulting in lost revenue, damage to customer satisfaction and brand image.

  • Coverity Quality Advisor

    Surface quality defects in the developer workflow, with accuracy and actionable remediation guidance.

  • Coverity Security Advisor

    Surfaces security defects right in the developer’s workflow, with accuracy and actionable remediation guidance.

  • Coverity Policy Manager

    Enforce development testing across your organization with consistent quality, security and testing standards.

  • Coverity Test Advisor

    Improve the efficiency of unit testing by focusing time and resources on most critical parts of the code.

  • Coverity Connector for HP ALM

    Learn how the Coverity Connector for HP ALM integrates into HP ALM workflow to allow development traceability across the application development lifecycle.

  • Coverity in the Jazz Platform

    Learn how using the Coverity platform in your Jazz and Rational Team Concert deployment will help increase developer and testing efficiency, leading to faster time-to-market with lower overall cost.

Research

  • Coverity Scan Project Spotlight: LibreOffice

    LibreOffice, a Document Foundation project, is the default office suite of the most popular Linux distributions. Learn how they leveraged static analysis to improve their software quality and addressed more than 6,000 defects in less than one year.

  • 2013 Coverity Scan Open Source Report

    This report details the analysis of the Scan service’s most active open source projects, totaling over 250 million lines of open source software code. The report details the results of over 500 million lines of proprietary software code from a sample of anonymous Coverity users.

  • Coverity Scan Project Spotlight: Ptolemy II

    Ptolemy II is an open source Java project that is being used by U.C. Berkeley to teach EECS students how to develop high-quality software. Learn more about how they are teaching the next generation of Java developers to find and fix software defects.

  • The Global Market for Automated Test and Verification Tools

    Coverity has been recognized as the market leader in Automated Testing by VDC Research. Learn about key trends in automated testing and the embedded static analysis market and why static analysis is increasingly becoming a must-have solution.

  • Coverity Scan Project Spotlight: ANTLR

    ANTLR is a powerful, Java-based parser generator for reading, processing, executing or translating structured text or binary files. Learn how they’ve used our static analysis service to find and fix previously undiscovered, high- and medium-risk defects.

  • Coverity Scan Project Spotlight: Python

    Python software has been in use for more than 20 years, enabling secure and reliable programs for industry, service sector and research and science applications. Learn more about how they’ve achieved near perfect code quality.

  • Coverity Scan Project Spotlight: Samba

    Samba, the standard Windows interoperability suite of programs for Linux and Unix, is a long-time member of the Coverity Scan service. Learn how they’ve used the free static analysis service to drive industry-leading levels of software quality.

Datasheets

  • Coverity Test Advisor – QA Edition

    Coverity Test Advisor – QA Edition improves the effectiveness of manual and automated testing by monitoring execution and identifying gaps that can lead to failures in the field.

  • Coverity RTC Integration Solution

    The Coverity RTC Integration Solution enables organizations to view and manage critical quality and security issues within the IBM RTC Platform and improve collaboration between Development and QA.

  • Coverity Software Testing for C#

    The Coverity platform helps identify, manage and remediate critical defects in the code and improve the overall efficiency of automated testing efforts, reducing the cost, time and risk of software errors.

  • Coverity Verification Services

    Coverity Verification Services are designed to help you assure the quality of the code created outside of your organization and to help you address external quality and security mandates and coding standards.

  • Coverity Architecture Analysis

    Visualizes code structure to identify dependency conflicts and interface violations, detect architectural flaws that could create exposure, manage code complexity and enforce architectural design rules.

  • Coverity Solution Overview

    Developers need to deliver more innovation with the same amount of resources. And that creates risk of software defects and security vulnerabilities escaping into the field resulting in lost revenue, damage to customer satisfaction and brand image.

  • Coverity Quality Advisor

    Surface quality defects in the developer workflow, with accuracy and actionable remediation guidance.

  • Coverity Policy Manager

    Enforce development testing across your organization with consistent quality, security and testing standards.

  • Coverity Security Advisor

    Surfaces security defects right in the developer’s workflow, with accuracy and actionable remediation guidance.

  • Coverity Software Testing for Java

    Coverity helps Java developers find hard-to-spot, yet potentially crash-causing defects early in the software development life-cycle, reducing the cost, time, and risk of software errors.

  • Training: Coverity Quality Advisor

    This four day, hands-on and interactive instructor-led course provides you with the knowledge needed to deploy and administer Coverity Quality Advisor in your development environment.

Videos

  • The Most Interesting Defect

    In this video, C# expert Eric Lippert tells us about his favorite defect checker in the Coverity Development Testing Platform.

  • Finding and Fixing Defects in C#

    Hear from C# guru Eric Lippert about the history of C# and how it’s grown in complexity – plus learn about the three most common types of defects within C# code.

  • Hear C# Guru Eric Lippert Break Down Coverity vs. FxCop Code Analysis for C#

    In this video, Eric Lippert discusses the key differences between Coverity’s source code analysis for C# and that of Microsoft’s FxCop. Quick summary: the two solutions are complementary: the Coverity platform looks for critical crash causing issues while FxCop looks for coding style and standard issues.

  • Coverity Development Testing Platform Overview

    The Coverity Development Testing Platform empowers development to build quality and security testing into the development process for fast, resilient and predicable software delivery.  With Coverity, development organizations can transform software testing from reactive to proactive, and into a competitive advantage.

  • Coverity SAVE Whiteboard

    Award-winning analysis engine applies multiple patented techniques for accurate issue detection, based on a decade of research and development and analysis of over 5 billion lines of proprietary and open source code.

Resources By Industry

Safety and
Mission Critical

  • On Demand Webinar

    Best Practices for Becoming Coverity Clean

    Learn how SIGMA3, a leading provider of GeoEngineering solutions for the E&P industry, became “Coverity Clean”  as part of their overall commitment to product quality and to ensure their clients experience minimal Non-Productive Time (NPT) due to software defects.

  • On Demand Webinar

    Improve Your Test Coverage by Testing What Matters Most

    Hear how ACE narrowed the scope of testing and identified 605 functions that were critical to fully test by prioritizing the critical components and filtering out those that were unnecessary to test with Coverity Development Testing.

  • Case Study

    Schneider Electric Trims Hours with Coverity [PDF]

    Read how Schneider Electric was able to trim the engineering hours required to fix critical defects from 2 days to 15 minutes per defect with Coverity, realizing a savings of 2,520 developer hours.

  • White Paper

    Supporting ISO 26262 with Coverity Development Testing

    The International Organization for Standardization, ISO, has put forth ISO 26262 for road vehicle functional safety. It was created to provide guidance to avoid risk of systematic failures and random hardware failures through feasible requirements and processes.

  • Case Study

    NASA Jet Propulsion Lab Relies on Coverity for Curiosity Rover [VIDEO]

    Watch a brief video interview of Jennifer Johnson, VP marketing at Coverity, explaining how the NASA Jet Propulsion Laboratory Relies on Coverity to ensure the seamless touchdown and operation of the Curiosity Rover. Coverity is honored to have been able to contribute to this significant scientific achievement and help NASA unlock the secrets of whether life ever existed on Mars.

  • Case Study

    CERN Improves Scientific Research with Coverity [VIDEO]

    Watch this interview with Axel Naumann from CERN, the European Organization for Nuclear Research. Hear Axel describe how Coverity has improved the integrity of the source code found across projects analyzing data from CERN’s Large Hadron Collider.

Mobile and
Electronics

  • On Demand Webinar

    Improve Your Test Coverage by Testing What Matters Most

    Hear how ACE narrowed the scope of testing and identified 605 functions that were critical to fully test by prioritizing the critical components and filtering out those that were unnecessary to test with Coverity Development Testing.

Networking and
Telecommunications

  • On Demand Webinar

    Improve Your Test Coverage by Testing What Matters Most

    Hear how ACE narrowed the scope of testing and identified 605 functions that were critical to fully test by prioritizing the critical components and filtering out those that were unnecessary to test with Coverity Development Testing.

  • Case Study

    Qosmos Selects Coverity [VIDEO]

    Watch a brief video interview of Erik Larsson and Jérôme Tollet from Qosmos who have deployed Coverity Development Testing to ensure software quality for industry leading network intelligence and Deep Packet Inspection (DPI) technology.

Financial Services
and Insurance

  • On Demand Webinar

    Improve Your Test Coverage by Testing What Matters Most

    Hear how ACE narrowed the scope of testing and identified 605 functions that were critical to fully test by prioritizing the critical components and filtering out those that were unnecessary to test with Coverity Development Testing.

  • White Paper

    PCI Compliance Starts at the Source

    As compliance and software security become more intertwined, software security is being driven by compliance needs.  This paper outlines the PCI DSS requirements around application security and how they can be effectively addressed with Coverity Development Testing to realize time, resource and process efficiencies.

  • Case Study

    Direct Edge Accelerates Time to Market with Coverity [VIDEO]

    Direct Edge, the fourth largest equities exchange in the world, relies on Coverity to help transform its organization by re-architecting development and QA to work more collaboratively together, turn software testing into a proactive process and create a predictable software delivery process.

Software
and Internet

  • On Demand Webinar

    Improve Your Test Coverage by Testing What Matters Most

    Hear how ACE narrowed the scope of testing and identified 605 functions that were critical to fully test by prioritizing the critical components and filtering out those that were unnecessary to test with Coverity Development Testing.

  • Case Study

    SAP Runs Coverity [VIDEO]

    Watch a brief video interview with SAP’s Chief Product Security Officer and TIP Governance & Code Analysis Team Lead, who explain how Coverity helps ensure product security at SAP.

  • Case Study

    Novell Drives Software Quality with Coverity [PDF]

    Thousands of organizations use Novell’s collaboration, endpoint management and file and networking products to become more productive, secure and manageable. With Coverity, Novell has seen enhanced developer productivity, faster time-to-market and greater customer satisfaction.