The Coverity Development Testing Platform 7.0 arrives this week with claims of being the industry's first enterprise-scale solution which combines code analysis, change-aware unit test analysis, and policy management across C/C++, Java, and C#.
The firm is now offering 21 new (or enhanced) C# analysis algorithms further for defect detection in C# codebases, providing developers (in theory) with the information they need to fix quality defects, such as resource leaks, concurrency issues, and null references.
There is also expanded Java web application security coverage in the form of expanded coverage for the Open Web Application Security Project (OWASP) Top 10 and Common Weakness Enumerations (CWE) security vulnerabilities in Java applications.
Along with 17 new analysis algorithms for Java and C/C++ codebases, the firm highlights options to import critical defects into SonarQube, a popular open source quality management platform used in Java development, to view and manage a broader range of defects in Java applications within a single workflow.
CEO Anthony Bettencourt also points out new security audit and compliance views and reports within Coverity Connect and Coverity Policy Manager, which zoom into critical security issues identified, fixed, and outstanding, as well as report on compliance with regulations and standards such as the Payment Card Industry (PCI) Data Security Standard and the OWASP Top 10.
"New Coverity Test Advisor integrations with the Eclipse and Microsoft Visual Studio IDEs provide developers with intelligence into which unit tests they need to write and run based on the impact of a code change, right from the developer's desktop. In addition, Coverity Test Advisor has expanded support for unit test analysis on devices that run on the Android and Wind River platforms," said the company.
The Coverity platform now supports the Clang compiler, which is rapidly growing in popularity for mobile and web application development, and is commonly used in Objective-C and C/C++ software development.