Coverity tool supports new programming languages
Synopsys has announced its Coverity 2018.01 release of its static analysis tool, which analyses source code to detect critical quality and security defects early in the software development life cycle.
Coverity 2018.01 extends the tool’s support for new programming languages, coding standards, and development tool integrations. The latest version introduces support for Scala and VB.NET, provides full support for SEI CERT C coding standard rules (2016 edition), and includes enhanced plug ins for Jenkins continuous integration (CI) server to enable automated testing in DevOps environments
The tools used to find defects and potential security vulnerabilities throughout the development life cycle need to evolve to meet security and processing demands. By supporting new programming languages, secure coding standards, and out-of-the-box integrations with modern development tools, Synopsys says that it enables organisations to expand their software portfolios and embrace new development paradigms like DevOps with the assurance that their code is high quality and secure.
Coverity has been recognised as a leading application security testing solution by Gartner, Forrester, IDC, and VDC, and is a core component of the Synopsys Software Integrity Platform.
Enhancements include expanded language coverage. Coverity enables organisations to proactively build security and quality into their applications, even as they broaden their software portfolios and embrace new languages, frameworks, and technologies such as mobile and microservices. With each release, Synopsys expands Coverity’s support for new programming languages while strengthening its security analysis for existing languages. Coverity 2018.01 adds support for two new languages. The first is Scala, commonly used in microservices-based application development, and the second is VB.NET. The latest Coverity release also provides enhanced security analysis for Swift, PHP, Python, JavaScript, Java, C#, and Node.js. With these additions, Coverity supports the key programming languages used to build embedded and enterprise software, says Synopsys.
The release supports secure coding standards. Coverity enables organisations to comply with coding standards that promote the security, reliability, and safety of critical embedded software explains Synopsys. With the latest 2018.01 release, Coverity supports SEI CERT C (2016 edition), an industry standard for secure coding. In addition to CERT C, Coverity also supports all versions of the MISRA coding standard and is ISO 26262 certified.
Coverity is designed to support rapid and automated development workflows, with support for and integration with many of the popular development tools. Coverity 2018.01 provides plug ins for the latest IDEs, including Visual Studio, Eclipse, IntelliJ and Android Studio. For streamlined security testing, the latest release also supports out-of-the-box integration with Jenkins CI server. Coverity’s new Jenkins plug in has improved Jenkins Pipeline support, which enables retrieval of found issues by project and has enhanced data-filtering capabilities.
Synopsys’ Software Integrity Platform unites leading testing technologies, automated analysis, and experts to create a portfolio of products and services to help companies to develop personalised programs for detecting and remediating defects and vulnerabilities early in the development process.
http://www.synopsys.com/software
