Armorize, Coverity unite to combine quality, security analysis
July 13, 2010 —
The usually separated tasks of quality and security analysis are unified with the Coverity-Armorize Product Integration, a new solution announced today that combines Coverity Static Analysis and Armorize CodeSecure.
Bringing to the table its static analysis offering, Coverity enables development teams to see and resolve quality defects, as well as see false positives and the severity of security vulnerabilities detected by security teams. This way, “developers are fixing security and quality problems side by side and are treated the same way,” said Andy Chou, Coverity’s CTO.
“It’s hard for security and development teams to collaborate with each other,” he added, “and it’s one challenge I think we can solve with this partnership of unified quality and security static analysis.”
Armorize’s CodeSecure, a static source code analysis platform, aids in the collaboration of security and development teams. Each security team is given its own CodeSecure console where projects from Coverity are pulled in, explained Caleb Sima, Armorize’s CEO and the former founder of code analysis software maker SPI Dynamics, which was acquired by HP in 2007.
With the console, security teams can assess the risks of the applications, apply security policies such as scanning for cross-site scripting, and prioritize the vulnerabilities, Sima said. The vulnerabilities are then automatically routed to the right developer in the defect management interface, Coverity Integrity Manager, to be fixed, he added. CodeSecure also shows security teams when vulnerabilities are resolved on the development side.
“Traditionally, security has had to force its way into development and has always had to work to produce secure applications without delaying a project,” Sima said. But with this solution, the two teams can work seamlessly together, reducing development time, he said.
The solution is expected to be out of beta by the end of this year.
Related Search Term(s): Armorize, Coverity, security
Share this link: http://sdt.bz/34473
Most Read Latest News Blog Resources
Appcelerator Acquires Cocoafish to Add Instant Mobile Cloud Capabilities to its Industry Leading Titanium Platform
Appcelerator Offers Messaging, Social, Location and Storage Mobile Cloud Services to All Mobile App Publishers
|
|
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
ComponentOne Releases a Collection of 40+ UI Widgets Powered by HTML5 and jQuery
ComponentOne has announced the 2012 release of Wijmo: a kit of UI widgets for HTML5 and jQuery development
|
|
Top five apps to manage your workload
Web applications offer new ways to track your “to-do” lists
|
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
Top five apps to manage your workload
Web applications offer new ways to track your “to-do” lists
|
|
Not so fast when it comes to testing in the cloud
Developers face outsourcing, virtual lab management and mobile devices as obstacles
|
|
Xceed releases UX-focused suite for Microsoft’s WPF
"Blendables" helps match user experiences to developer visions
|
Are you at risk for burnout?
Burnout is a severe problem and it can strike at any time. Here's how to tell if you are nearing the edge.
|
|
Agility, mom, and apple pie
If we're to evaluate the state-of-the-art in software development, we should start with the values espoused in the Agile Manifesto.
|
|
RIM woos developers with free tablet
How do you get more apps ported to the BlackBerry PlayBook? By giving every developer a free tablet, of course!
|
|
GitHire: Use Headhunters to Find Your Perfect Programmer
Are you a hiring manager tired of scouring the job boards? Check out this new service that will find 5 people interested in your jobs.
|
The Hidden Costs of Software Licensing
Moving beyond paper-based software licensing to more flexible, software-based licensing is a business decision. There is a growing trend tow...
|
|
Case Study: You May Need a Development Mechanic
As a contractor for a major financial player in Germany, SOBEGE, a German-based consultancy specializing in embedded IT and web services, wa...
|
|
Ensuring Software Quality at a Major International Bank
One of the world’s leading international banks has adopted AgitarOne technology for delivering generated unit tests for their Java software...
|
|
Load Testing Adobe Flex Applications
Adobe Flex applications may be different from applications you’ve worked with before. For classic HTML web applications, the server does all...
|