Coverity has announced Coverity Build Analysis, a precision software analysis module available in the Coverity Integrity Center. Coverity Build Analysis technology addresses the time and money wasted on inefficient and inaccurate build systems during software development. Coverity claims that Build Analysis is the first technology in the industry that automatically scans software builds to help companies eliminate quality, security, and compliance problems that threaten to delay the delivery of products to market.
According to a recent customer survey, more than 60 percent of Coverity customers report software builds as a common point of failure in their business. With deep visibility into build processes, for the first time organizations can eliminate the financial burden broken builds inflict -- lost developer time, product delays and costly field defects. Coverity Build Analysis provides developers, build engineers, and security teams with the capabilities to:
- Improve Software Quality. Automatically identify the source of defects that occur due to improper or accidental inclusion of wrong object files.
- Reduce Wasted Time. Recapture productivity lost due to unnecessary build bottlenecks such as broken makefiles or redundant and long-running processes.
- Prevent Security Risks. Halt the introduction of malicious or unintentional vulnerabilities through software components or open source packages that may contain known security problems.
- Stop Compliance Violations. Put an end to the creep of compliance violations caused by the lack of visibility in the assembly process with a comprehensive bill of materials that confirms the version and origin of all internal and open source code.
"Build systems today lack transparency, and as a result, organizations face costly problems associated with code from many outside sources that makes it into the build," said Mark Tolliver, Palamida CEO. "From a Palamida perspective, that means security and intellectual property risks due to open source code. We are pleased that we are working with Coverity to leverage their build analysis data with Palamida composition analysis to let customers know exactly what security vulnerabilities and IP risks exist in the open source shipping in their software."


