Coverity and NT OBJECTives offer 'developer-ready' interactive application security testing solution
April 17, 2013 —
(Page 1 of 2)
Coverity, Inc., the leader in development testing, and NT OBJECTives (NTO), a leading provider of automated, comprehensive and accurate web application security software and services, today announced the companies have formed a partnership to enable the industry's first "developer-ready" Interactive Application Security Testing (IAST) solution. The IAST solution combines and correlates security defects identified by Coverity's highly-accurate Static Application Security Testing (SAST) software and NTO's Dynamic Application Security Testing (DAST) software, providing even more accurate testing results across a broader range of coverage, earlier in the Software Development Lifecycle (SDLC). These results are presented in the development workflow that developers use every day, in a language they understand, enabling them to quickly and efficiently remediate the security defects that matter, as code is written.
As organizations expand security testing into earlier stages of the SDLC, developers need testing solutions that reduce the time they waste with false positives, and enable them to more easily collaborate with security professionals. According to a 2011 Gartner Research report*, "Application and security specialists are in need of technologies that enable a higher accuracy of security testing of the enterprise's application for vulnerabilities such as SQL injection, cross-site scripting and buffer overflow." With this partnership, Coverity and NTO expands DAST from development to production. This provides both development and security teams with the visibility to more easily determine if defects are real, if they are exploitable, and most importantly, which defects need to be fixed first, based on risk.
"Coverity understands what it takes to build security into development—it's more than just integrating into an Integrated Development Environment. Developers at more than 1,100 organizations have relied on our platform to help find and fix quality and security defects, in a unified workflow," said Jennifer Johnson, Chief Marketing Officer for Coverity. "This partnership with NTO is a natural extension of our development testing platform, to increase the breadth of security testing into the development process in a way that developers will adopt. NTO is a valuable addition to our expanding partner ecosystem and we look forward to working with them to bring IAST into development."