As I mentioned earlier,
Coverity is one of the vendors to watch. They really can make your code cleaner, more reliable, and more secure.
I saw a presentation given by Coverity CTO, Ben Chelf , that unequivocally proved to a room full of highly skilled developers that it is neither simple or pleasant to cover 100% of your code when searching for bugs and the simplest of things are not really as simple as they appear. At the end of the session, developers were clamoring to find out more about what Coverity could do for them. This is what every good demo sets out to accomplish.
Coverity views the software life cycle as “design / code / system test / QA / release." The Coverity products fit squarely in the “code and system test” portion of the life cycle and focus on quality, security, and concurrency. By conducting 100% code coverage of all possible paths in the source code, Coverity can uncover bugs early in the life cycle – read as - before deployment of the code. This basic truth about detecting bugs earlier in the life cycle has been around for quite some time, yet many development organizations choose to not invest in this practice? Why?
The area of application security is another gold mine for Coverity. Coverity knows that the same security issues that exist in enterprise software applications will make appearances in device software. There is a remarkable bridge here with what Coverity can deliver in terms of application security. Yes, network security is important, but application security represents the last mile and the most opportunity for any would be hackers. One of the largest objections to application security tools has been the high rate of false positives. Coverity promises the false positive rate to be less than 20%. Security vulnerabilities are coming to a device or an application near you, so be prepared.
And, finally, Coverity can handle concurrency issues by detecting errors in multi-threaded programs.
Coverity has a stable of innovative products to help developers eliminate costly bugs and security vulnerabilities. And, Coverity understands that source code is source code regardless of where and what it may be powering. Software bugs show no favoritism and will appear in enterprise software or device software – it is up to the wise developer to eliminate them early and easily.
What’s next?...we live in a global world, shouldn’t your products and applications?