Product Overview of Coverity
What is Coverity?
Coverity is a proprietary static code analysis tool developed by Synopsys, designed to empower developers and security teams to deliver high-quality, secure software. It is a leading solution in the Static Application Security Testing (SAST) market, with over 15 years of experience in scanning tens of thousands of applications.
Key Features and Functionality
Comprehensive Code Scanning
Coverity provides comprehensive code scanning that identifies critical software quality defects and security vulnerabilities early in the development process, when issues are least costly and easiest to fix. This early detection supports compliance with security, functional safety, and industry standards such as OWASP Top 10, CWE Top 25, MISRA, and CERT C/C++/Java.
Integration and Automation
Coverity seamlessly integrates automated security testing into CI/CD pipelines and supports existing development tools and workflows. It can be used on-premises or in the cloud via the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. This integration allows for automated scans on code commits and pull requests, uncovering issues early without impacting releases.
Real-Time Analysis with Code Sight™
The Code Sight™ IDE plugin extends Coverity analysis to the developer desktop, enabling developers to find and fix quality and security defects as they code. This plugin provides fast and accurate incremental analysis in the background, minimizing disruption and offering real-time results, including CWE information, remediation guidance, and relevant security training directly within the IDE.
Broad Language and Framework Support
Coverity supports more than 22 programming languages and over 200 frameworks and templates, as well as popular infrastructure-as-code platforms and file formats. This extensive support ensures that it can analyze applications of any size, even those with thousands of developers and tens of millions of lines of code.
Detailed Reporting and Compliance
Coverity provides built-in reports that offer insights into issue types and severity, helping teams prioritize remediation efforts and track progress toward compliance with various standards across teams and projects. This feature is crucial for managing compliance with coding standards that matter to the business.
Rapid Scan and Full Path Coverage
Coverity includes a Rapid Scan feature, a fast, lightweight static analysis engine that can quickly scan web and mobile applications, microservices, and infrastructure-as-code (IaC) configurations. Additionally, Coverity SAVE provides full path coverage, ensuring that every line of code and every potential execution path is tested using multiple patented techniques.
Use Cases and Benefits
- Accelerate Development: Coverity helps developers build better code without slowing them down, integrating seamlessly into their existing workflows.
- Increase Security and Quality: By identifying and fixing security and quality defects early, Coverity ensures application resiliency and reduces risk.
- Ensure Compliance: It helps track and manage compliance with industry standards and coding best practices.
- Scalability: Coverity is highly scalable, making it suitable for large codebases and extensive development teams.
In summary, Coverity is a powerful SAST tool that combines best-in-class security and software code quality analysis, providing developers and security teams with the tools they need to deliver secure, high-quality software efficiently and effectively.