![[Deutsch]](flaggeD.jpg){kind=small}
Coverity Prevent - Security
Coverity Prevent reduces the risk of application-level security vulnerabilities in source code. By automating the process of scanning, reporting and monitoring for vulnerabilities, Coverity eliminates significant risk posed by flawed programming. Coverity analyzes 100% of all possible paths to find the most critical security vulnerabilities and performs its analysis noninvasively without disrupting the development process.
With Coverity, developers and security teams identify and eliminate source level vulnerabilities that can be triggered from the outside. With an increasing number of high profile security attacks being traced back to the source code, Coverity enables engineers to address security problems at the source where they can be eliminated completely.
Leading edge security customers such as Department of Homeland Security, Symantec, PGP, Checkpoint and McAfee secure their code with Coverity's products to ensure stability and security. By leveraging the Coverity Analysis Engine, Coverity Prevent leverages the industry-leading interprocedural data flow analysis capability to find and report complex defects with unparalleled depth, accuracy and precision.
Finding Vulnerabilities at the Source
Coverity detects vulnerabilities by precisely identifying unsafely coded software. Coverity's low false positive rate enables security teams to focus on real issues. Leveraging the power of the Coverity Analysis Engine, Coverity Prevent analyzes code for many critical vulnerability categories including:
|
|
Additional checks are also performed which may affect security. Please see the quality and concurrency checkers on the separate product pages.
Coverity's analysis goes far beyond elementary contextual code analysis. In addition to looking at individual lines of code, Coverity pinpoints vulnerabilities across complex code processes and functions. With Coverity, you don't just get warnings about individual lines of code; you get a full picture of every event that contributed to a detected vulnerability so that it can be quickly identified and fixed.
Reporting
By pinpointing vulnerabilities across complex code processes and functions, our customers track the complex progression of software operations to detect improperly constructed code. Coverity provides reports that can be used to perform overall assessments as well as hone in on risk areas. These can be at the granularity of entire code bases down to individual functions, files and components levels.
Extensibility
Create customized security analysis based on unique organizational security requirements. By leveraging the Coverity Analysis Engine, creating detailed customized vulnerability checkers takes only minutes. To learn more about the Extend product, please see the Extend product page.
Coverity offers a free code audit to demonstrate and prove the capabilities of Coverity Prevent . To learn more, click here.
 Coverity Mainpage |
 |
 Next page |
last updated: 12.02.2008
© 2004-2008 Coverity Inc.
Prevent and Extend are products and trademarks of Coverity,
San Francisco (USA)
all other trademarks of this site are the property of their respective owners.