Coverity has introduced a development testing maturity model to promote a new level of adoption for development testing into the software development lifecycle. This model comes with new software services designed to address the risk of quality and security issues in third party, externally developed code.
- Back to Basics with Log Management, SIEMs & MSSPs
- IDC SpotLight: Protecting Against Threats with Application Security Testing
- Security Professionals, We Need Your Input: Got 10 mins to spare?
- Salary Survey: Can you spare 10 minutes?
- Vendor ATT&CK Misdirection and How to Avoid It
- The Cost of Industrial Cyber Incidents & How to Prevent Them
As quality and security software compliance mandates now spiral around us, the firm's Development Testing Maturity Model is a branded product that champions a "phased-in approach" to development testing adoption and software development lifecycle integration.
These services use the SAVE static analysis verification engine as a foundation and the total package here includes code verification services, training, and developer certification. An audit service provides visibility into the quality and security of code supplied by third parties.
Also included is a security service that addresses the top OWASP and CWE issues that impact Java web applications — and this enables them to reduce their risk of security vulnerabilities as well as improve the collaboration between internal development and security teams.
"Development testing is now an industry best practice for all types of companies that develop software-based products and services. However, even with the benefits of development testing, organizations need to ensure its implementation doesn't disrupt the software development process or distract the team from getting products to market quickly and on-schedule," said Coverity's Sunil Nagdev.