Build Security Into Your SDLC With Coverity


Are your developers getting discouraged by too many false positives from security tools that slow them down? You need a solution that boosts their productivity, finds real vulnerabilities, and provides expert remediation guidance. Coverity will help you achieve this and more. Learn about Coverity’s unique technical capabilities and why it should be your go-to solution for static analysis secu... » read more

Managing Web Application Security With Coverity


While security practitioners can and should play an active role in web application security, only developers are familiar enough with the code to fix software vulnerabilities. For this reason, security teams can most effectively prevent software vulnerabilities from entering production by equipping their development teams with the tools to fix security issues as they’re building applications.... » read more

How To Integrate SAST Into DevSecOps With Coverity


To reduce your time to market, your development teams must be able to scan every build for security weaknesses and vulnerabilities without sacrificing the efficiency of your development process. How can you effectively integrate application security testing tools throughout your CI/CD pipelines to create an exceptional DevSecOps culture and build secure, high-quality software faster? Ride th... » read more

2017 Coverity Scan Report


Today, open source software (OSS) development is one of the primary driving forces of technological innovation. From artificial intelligence to the Internet of Things, autonomous driving, and cloud computing infrastructure, OSS plays a pivotal role in the evolution of a wide range of technologies. But what are the implications of its dominance? To answer this, we review what we’ve learn... » read more

The Week In Review: Design


M&A Synopsys will acquire Black Duck Software, a provider of software for securing and managing open source software. Synopsys already has a stake in this area from its Coverity acquisition in 2014, which it has been using to analyze security practices in open source software. Founded in 2003 and headquartered in Massachusetts, Black Duck's products automate the process of identifying and ... » read more

EDA Moves Out Of The Shadows


EDA has long harbored ambitions that are larger than a piece of silicon. The engineering challenges being solved on a nanometric scale are remarkably similar to ones being solved at a much higher level—architectural design, layout, validation, verification, debug, thermal mapping, and a lot more. The problem, at least until recently, is that it has been difficult to gain a foothold in larg... » read more

Embedded Software Verification Issues Grow


Embedded software is becoming more critical in managing the power and performance of complex designs, but so far there is no consensus about the best way to approach it—and that's creating problems. Even with safety-critical standards such as DO-178C for aerospace and [gettech id="31076" comment="ISO 26262"] for automotive, different groups of tool providers approach software from differen... » read more

Transforming Testing Through Automation


"Test your code as you write it.” That’s a common mantra heard in many development teams today. However, for too many, that practice remains a lofty goal as opposed to a business reality. They lack the appropriate metrics and processes to make and measure progress and often underestimate the effort required to manage the cultural change. In this paper you will learn how Coverity: Red... » read more

Development Testing For C# Applications


Static analysis shouldn’t be about finding loads of coding style or standard issues. It should be focused on finding the most critical defects. Although traditional byte code analysis solutions such as FxCop are useful, they can miss critical, crash causing defects - plus produce a large set of coding style issues, which can slow down the development team. Learn how the Coverity Development T... » read more

Managing Quality With Developer Desktop Analysis


Even the most seasoned developer is prone to introducing a few new bugs in new or modified code. Static analysis is a great solution to help development teams find and fix those issues. Now with Coverity’s new desktop analysis capabilities, developers can find and fix their own defects before checking their code into the source control management system – and before anyone else finds the de... » read more

← Older posts