Industry's Leading Static Analysis Product

Coverity Static Analysis, formerly Coverity Prevent, leverages the most sophisticated, patented analysis techniques for finding and eliminating hard-to-spot, crash-causing defects in your code at the earliest phase of the development lifecycle. The most accurate static code analysis solution available today, Coverity Static Analysis automatically scans complex heterogeneous C/C++, Java and C# code bases with no changes to your code or build system, scaling to any size code base in a single analysis. Coverity Static Analysis’ intuitive interface makes it easy for developers to quickly find the defects they own, zoom in instantly on the priority defects that matter, and save resolution time through state of the art defect triage, increasing productivity and reducing the risk of costly product quality issues.

Customizable Analysis

Coverity Static Analysis provides the ability to fine tune analyses by modifying either the number of checkers deployed, or the settings specific to an individual checker, such as the threshold for null pointer dereferences. The ability to configure Coverity for a particular code block, or application, allows developers to select the level of performance most appropriate for their application, and leads to more accurate and reliable results. The Coverity Software Development Kit allows you to detect unique defect types in C and C++ code by creating custom checkers. This is in addition to creating custom checkers for finding concurrency, exception handling, and other critical issues. Learn More

Patented Techniques for Quality, Performance and Security Defect Analysis

Coverity Static Analysis uses sophisticated, in-depth analysis techniques to uncover the critical, must-fix defects that matter most to developers. The only provider of Path Simulation (through dataflow analysis) plus Boolean Satisfiability (SAT) solving, Coverity achieves 100% coverage of code and execution paths, delivering the deepest and most accurate static analysis available#8212;with false positive rates for some users as low as 5%. Because it produces a complete understanding of your build environment and source code, Coverity Static Analysis is the tool of choice for developers who need flexible, deep, and accurate source code analysis. The sophisticated technology that powers Coverity Static Analysis ensures the most accurate and comprehensive static analysis currently possible, with the lowest average false positive rate of any static analysis tool on the market.

Automatic Defect Analysis for Any Size Code Base

Hundreds of development organizations worldwide use Coverity Static Analysis to automatically analyze large, complex code bases, and root out the critical, must-fix defects that lead to system failures, runtime exceptions, security vulnerabilities, and performance degradation. A priority for our large customers is scaling the Coverity web application to hundreds of users, triaging thousands of defects, in millions of lines of code. Coverity Static Analysis scales to hundreds of users and multiple large code bases in a single instance. Coverity Static Analysis runs on top of either the customer's installed Oracle instance, or a robust, enterprise-grade open source database known as PostgreSQL. The web services standards makes it easy to extract and manipulate data stored in the Coverity Static Analysis in any programming language or scripting language. For Coverity Static Analysis administrators, the web services interface will give them the flexibility to fully integrate Coverity into the enterprise workflow.

Zero Impact integration with Build Environment

Developers run Coverity Static Analysis on large code bases (millions of lines), and very large code bases (tens of millions of lines or larger), on a nightly basis in central build environments. At Coverity’s largest customers, Coverity Static Analysis analyzes in excess of 50 million lines of code on a nightly basis. In addition to scalability in the central build environment, Coverity Static Analysis also delivers local/desktop analysis for developers to ensure their code is "clean before check-in". Developers using Eclipse and Visual Studio IDEs have the ability to analyze, triage, and repair their code prior to nightly builds on the central server.

Contact us to find out how static source code analysis can shorten your development cycles and improve your code quality.