Coverity and Armorize link code quality, security analyses

Tuesday, July 13, 2010 11:18
Posted in category Uncategorized
3 Comments

Code quality and security analyses are being united through the integration of products from Coverity and Armorize Technologies, the companies are announcing on Tuesday.

The integration will link Coverity Static Analysis, for code analysis, with Armorize CodeSecure, for security analysis. Integrations will be featured in upgrades of the two products planned for the end of this calendar year.

[ InfoWorld's Paul Krill reported in February about Microsoft promoting security exercises for software development. ]

“We really believe that security needs to be addressed during the development process and not as a separate step afterward,” said Andy Chou, chief scientist and co-founder at Coverity. This way, developers can prioritize security defects in the same manner at quality defects — when writing of code is still fresh on their minds, he said. Usually, security is addressed later on in the application development lifecycle, Chou said.

Coverity’s Static Analysis looks for issues such as buffer overflows and concurrency problems, Chou said. CodeSecure looks for issues such as SQL injection and cross-site scripting problems, said Caleb Sima, CEO of Armorize.

The integration creates a new level of collaboration between security and development, providing assurance that development is fixing security vulnerabilities with every iteration without developers having to become security experts, the companies said.  

This article, “Coverity and Armorize link code quality, security analyses,” was originally published at InfoWorld.com. Follow the latest developments in business technology news and get a digest of the key stories each day in the InfoWorld Daily newsletter and on your mobile device at infoworldmobile.com.

Read more about software development in InfoWorld’s Developer World Channel.

Share This:
  • Facebook
  • Twitter
  • StumbleUpon
  • Reddit
  • Digg
  • LinkedIn
  • MySpace
  • del.icio.us

Related Posts

  1. Klocwork tunes software code analysis suite for agile projects
  2. IBM looks to pair security technologies for software development
  3. Microsoft links security guidelines to agile development
  4. Oracle buys data quality vendor
  5. Old Apple QuickTime code puts IE users at security risk
You can leave a response, or trackback from your own site.
Tags: ,

3 Responses to “Coverity and Armorize link code quality, security analyses”

  1. Auction firm turns wrecked cars to cold cash. (Los Angeles Auto Salvage/Insurance Auto Auctions Inc.): An article from: National Underwriter Property & Casualty-Risk & Benefits Management | Flood Damaged Cars says:

    July 19th, 2010 at 12:26 pm

    [...] Coverity and Armorize link code quality, security analyses – genpop.net [...]

  2. JUNK CAR PARKING wreck tow NEW novelty sign | Flood Damaged Cars says:

    July 19th, 2010 at 2:39 pm

    [...] Coverity and Armorize link code quality, security analyses – genpop.net [...]

  3. Salvage vehicle title reform: Hearing before the Subcommittee on Commerce, Consumer Protection, and Competitiveness of the Committee on Energy and Commerce, … Congress, second session, September 21, 1994 | Flood Damaged Cars says:

    July 19th, 2010 at 10:49 pm

    [...] Coverity and Armorize link code quality, security analyses – genpop.net [...]

Leave a Reply

«
»