New System Finds, Fixes Java, C++ Bugs

Coverity's new software seeks out flaws using multiple code analysis engines, along with a resolution system.

Sharon Gaudin, Contributor

May 2, 2007


A software security company released a new software product this week specifically designed to find flaws in C++ and Java code that could cause vulnerabilities.

Coverity, Inc. announced the availability of its Coverity Prevent SQS (Software Quality System), an automated solution that is geared to not only identify but resolve critical defects in C, C++ and Java source code. The company said in a release that it maps 100% of the paths in any piece of software, using a technology it calls Software DNA Mapping.

A patent is pending for the mapping technology.

"Mapping the complete source code in an application is vital to being able to find and fix the most critical errors," said Theresa Lanowitz, founder and CEO of Voke, Inc., an industry analyst firm, in a written statement. "Coverity's technology is a major step in that direction." "In the real world, it is no longer enough to simply identify defects in source code... Discovering, managing, and fixing defects more quickly equates to greater customer satisfaction and accelerated time-to-market."

According to Coverity, its technology uses multiple code analysis engines, along with a resolution system, which is set up to allow organizations to mirror their existing software quality processes to fix coding defects automatically.

"After analyzing one billion lines of code, we have come to understand that identifying software defects is only one part of improving software quality," said Ben Chelf, chief technology officer of Coverity. "By understanding build systems automatically, understanding code automatically, and plugging in a workflow system that developers want to use, we now have a new solution to the software quality problem that customers can deploy quickly and easily."

Coverity's new tool can be licensed on an annual basis. Pricing is based on the number of lines of code to be analyzed.
