Coverity, Inc., the software integrity leader, has unveiled Coverity 5, a software integrity offer that automatically scans, prioritizes and maps the impact of defects introduced by software changes. This new offer is specifically designed to help development organizations mitigate the business risk of software changes across their entire product portfolio. It is available from Embedded Logic Solutions .
Coverity 5 is the next generation of the entire Coverity software integrity product line, including the industry leading Coverity Static Analysis product. As part of this launch, Coverity is showcasing two major change impact innovations:
- The new Coverity 5 defect impact mapping capability is the first to enable developers to automatically map and identify how a single defect impacts multiple code bases, projects and products across the portfolio. Prior to Coverity, mapping impact of defects was a highly manual, inaccurate and time-consuming process.
- The new Coverity 5 unified defect management interface is the first to enable developers and management to review, prioritize and triage their C/C++, Java and C# defects in a single workflow, providing a single version of the truth for the state of integrity across the entire product portfolio.
Software changes introduce defects that can seriously damage products in the portfolio sharing the same code. Using traditional software analysis approaches, it is difficult, if not impossible, for developers to know exactly which projects, teams and products are impacted by new defects introduced by software changes. Coverity 5 is the first to enable developers to automatically scan software for new defects introduced by changes, instantly prioritize defect severity, and map impact to all products sharing the same code.
“Mitigating the risk of software changes is one of the biggest challenges for our global customer base, and we are tackling this problem head on with Coverity 5,” said Seth Hallem, Coverity CEO. “Our new defect impact management capabilities mark the most significant innovation in the software integrity market since our introduction of commercial static analysis. Coverity 5 delivers an unprecedented level of defect impact visibility to developers so they can make highly informed business decisions on how they prioritize and triage software problems.”
Coverity 5 provides the following new capabilities and enhancements:
New Defect Impact Management Capabilities:
- Defect impact mapping is a turnkey way for developers to know all other code bases, teams, projects and products that are affected by a single defect, providing them with powerful business context for prioritization and remediation.
- Unified defect impact management console is a rich web-based interface that allows developers to manage their C/C++, C# and Java defects in a single interface.
- Rich defect knowledge base gives developers detailed information on every defect discovered by Coverity, including plain language defect explanations and an assessment of the potential impact of the defect from both Coverity’s proprietary defect index and the industry standard Common Weakness Enumeration (CWE).
- Automatic severity filtering easily guides developers to high impact defects, cutting the guesswork out of triage prioritization.
Developer Productivity Enhancements:
- New state of the art code browser provides advanced defect drill-down capabilities, easy-to-use defect markers, shared views, and in-line expansion into inter-procedural defect details.
- Advanced defect reporting provides developers and managers an easy way to track defects fixed, defect trends, the overall state of integrity across the entire product line and evidence for defect remediation for compliance reporting.
- Robust scalability enhancements enable more concurrent users and simultaneous analysis commits, all powered by an industrial strength relational database.
Coverity Integrity Center Module Enhancements:
- Coverity Static Analysis and Coverity Dynamic Analysis now share a powerful interface to enable customers to manage all of their defects in the same workflow.
- Coverity Architecture Analysis now has new call graph and class hierarchy visualization that makes it easier for developers to see the internal structure of their program for program understanding and maintenance.
- Coverity Build Analysis now has new build reports that show build processes and file inputs and outputs so build engineers know if any unauthorized files are being accessed or whether there are processes that could compromise the security or behavior of the end product.
Coverity 5 will be generally available by the end of the first quarter of 2010. Coverity 5 is the new version of the entire Coverity software integrity product line.