Coverity has introduced a development testing maturity model to promote a new level of adoption for development testing into the software development lifecycle. This model comes with new software services designed to address the risk of quality and security issues in third party, externally developed code.
- Stop Malware, Stop Breaches? How to Add Values Through Malware Analysis
- Vulnerability Threat Management in 2015
As quality and security software compliance mandates now spiral around us, the firm's Development Testing Maturity Model is a branded product that champions a "phased-in approach" to development testing adoption and software development lifecycle integration.
These services use the SAVE static analysis verification engine as a foundation and the total package here includes code verification services, training, and developer certification. An audit service provides visibility into the quality and security of code supplied by third parties.
Also included is a security service that addresses the top OWASP and CWE issues that impact Java web applications — and this enables them to reduce their risk of security vulnerabilities as well as improve the collaboration between internal development and security teams.
"Development testing is now an industry best practice for all types of companies that develop software-based products and services. However, even with the benefits of development testing, organizations need to ensure its implementation doesn't disrupt the software development process or distract the team from getting products to market quickly and on-schedule," said Coverity's Sunil Nagdev.