Coverity, Inc.

Coverity, the leader in software integrity, is the trusted standard for companies that have a zero tolerance policy for software failures, problems, and security breaches. Coverity's award-winning portfolio of software integrity products enables customers to prevent software problems throughout the application lifecycle. Over 100,000 developers and 600 companies including ARM, Phillips, RIM, Rockwell Collins, Samsung and UBS rely on Coverity to help them ensure the delivery of superior software. Coverity is a privately held company headquartered in San Francisco with offices in 6 countries and more than 150 employees.

Our Website:

Latest Content From Coverity, Inc.

Whitepaper: Effective Management Of Static Analysis Vulnerabilities And Defects

by Coverity, Inc.Jul 01, 2009

Whether your organization utilizes an agile or waterfall development methodology, the addition of static analysis will bring about a change in the way your development team thinks about their code. This is because an accurate static analysis tool is a source of information that demands the attention of developers, QA testers, and managers alike. With objective and actionable information regarding source code quality and security, developers need to decide in advance how they will manage an array of newly identified defects in their code.

Whitepaper: Controlling Software Complexity

by Coverity, Inc.Jun 06, 2009

Software developers today face significant opportunities and challenges. The appetite that both organizations and consumers share for software has made development a dynamic and competitive business, creating opportunities for large companies and start-ups alike.

Because of the increasing role that software plays in almost every facet of our lives and businesses, developers are under constant pressure to perform. Today, developers are challenged to deliver increasingly advanced applications on stringent timetables. Compound this with the growing complexity of applications themselves, add distributed or outsourced development teams, and it's easy to see why software is becoming larger and more complex to produce and manage.

Whitepaper: Software Build Analysis

by Coverity, Inc.Jun 01, 2009

Software builds are a pulse of progress for any software development cycle. An agile, well-designed build system should seamlessly assemble software as it is being developed in the most efficient way possible. Today, too few organizations are able to bring this ideal to fruition. Many development projects are plagued with builds that are too slow, break often, or cannot easily be modified. These limitations constrict the ability of developers to incorporate new or acquired code into existing applications.

Whitepaper: The Next Generation Of Static Analysis

by Coverity, Inc.Jun 01, 2009

This white paper will provide a brief overview of the history of static analysis and explain how the use of SAT in static analysis is enabling developers to improve the quality and security of their code by identifying a greater number of critical defects in their code with a low rate of false-positive results.

Whitepaper: Meeting DO-178B Software Verification Guidelines With Coverity Integrity Center

by Coverity, Inc.May 15, 2009

Development organizations that create safety-critical airborne software systems must have the systems approved for use by the Federal Aviation Administration (FAA). The FAA recognizes DO-178B as an acceptable means of compliance for securing the Federal Aviation Administration�s (FAA) approval of software in airborne systems and equipment. Created by RTCA, this standard provides guidelines for determining that the software aspects of airborne systems and equipment comply with airworthiness requirements. Many of the guidelines in the Software Verification and Software Lifecycle Data section of this standard can be supported with the use of the Coverity Integrity Center, a software analysis solution used to find critical defects throughout the software development life cycle.

Whitepaper: Ensuring Code Quality in Multithreaded Applications

by Coverity, Inc.May 15, 2009

Today, the world of software development is presented with a new challenge. To fully leverage this new class of multi-core hardware, software developers must change the way they create applications. By turning their focus to multi-threaded applications, developers will be able to take full advantage of multi-core devices and deliver software that meets demands. But this paradigm of multi-threaded software development adds a new wrinkle of complexity for those who care about software quality. Concurrency defects such as race conditions and deadlocks are software defect types that are unique to multi-threaded applications. Complex and hard-to-find, these defects can quickly derail a software project. To avoid catastrophic failures in multi-threaded applications, software development organizations must understand how to identify and eliminate these deadly problems early in the application development lifecycle.

Whitepaper: The Seven Deadly Myths Of Software Security

by Coverity, Inc.Jan 12, 2009

With the reality of software security vulnerabilities coming into sharp focus over the past few years, businesses are wrestling with the additional risk that poor security introduces. And while the risk is becoming clearer, methods to defend applications from attack remain murky. Further clouding the picture, the responsibility for application security tends to fall organizationally in a netherworld between the offices of the CSO (compliance and risk), the CTO (application development), and the CIO (information operations). All three groups are committed to the business succeeding (which also means keeping the business safe), but their charters and approaches tend to be very different. For any given aspect of security or functional role within the organization, one can find lists of �best practices� from a wide range of sources. While these lists can sometimes be helpful, unfortunately, they have lead to many �myths� about application security that have taken root. In this paper, Coverity addresses some of the most prevalent myths about security to consider when looking to improve the security of your software.

Whitepaper: Open Source Quality And Security Report

by Coverity, Inc.Oct 10, 2008

In January 2006, Coverity was awarded a contract from the U.S. Department of Homeland Security as part of the agency�s Open Source Hardening Project, designed to improve the security and quality of open source software. As part of this project, Coverity Prevent, a static analysis tool, was made available to open source software projects via the Scan web site. Through the Scan site, open source developers can retrieve the defects identified by Prevent analyses through a portal accessible only by qualified project developers.