Skip to main content

Coverity® Security Advisor 6.5

Tab navigation

Coverity® Security Advisor surfaces security defects in the developer workflow, with accuracy and actionable remediation guidance.

  • Enable your developers to troubleshoot and fix the security defects that matter quickly and efficiently, without requiring deep security expertise.
  • Effectively build security into development to reduce re-work costs and delayed time to market resulting from defects found late in the cycle.
  • Reduce the risk of costly and brand-damaging security breaches in the field or in production.

Security Advisor surfaces defects identified by the Coverity® Static Analysis Verification Engine (Coverity SAVE™) for fast and easy remediation. Coverity SAVE intelligently tests code with a deep understanding of behavior and criticality to accurately identify defects in both C/C++ and Java applications, including buffer overflows, integer overflows, format string errors, SQL injection and cross-site scripting (XSS).

Coverity SAVE analysis innovations for Java web application security include:

  • Enterprise Framework Analyzer: augment source code analysis by providing a deep understanding of modern web applications including dependency injection, entry points and the MVC paradigm.
  • White Box Fuzzer: automatically validate that data sanitization routines perform sufficient sanitization of untrusted data and are used in the right context.

Business information

Show all   |   Hide all


  • + Functional details

    Security Advisor defects are surfaced within a unified issue management console providing:

    • Defect ranking based on criticality and impact
    • Source code navigation to identify the exact path to the defect
    • Automatic identiication of every defect occurence
    • CWE mapping and knowledge base for each defect
    • Automatic defect assignment

     Through a deep understanding of the code and application, the Security Advisor remediation engine ensures your developers remediate defects faster, and ‘get it right the first time’.  Security Advisor also integrates with existing lifecycle tools to make development testing a natural part of the SDLC process.

     

  • + Business problem

    Most of the attacks are now perpetuated at the application level, yet the majority of security measures put in place today focus on protecting the infrastructure or the network perimeter. By enabling developers to fix security defects early in the development lifecycle, a large portion of security defects can be removed before they reach QA or escape into the field, enabling you to reduce the risk of costly and brand-damaging security vulnerabilities in production.

  • + Return on investment

    By moving testing upstream into development, issues are identified earlier in the process when they cost less to fix.

    Software Development Lifecycle impact:

    • shrink QA and security testing cycles—and focus testing on areas which require their expertise
    • improve collaboration between Development and Security teams
    • reduce the cost and time of troubleshooting and re-work
    • allocate more time and resources to feature development
    • minimize the number of defects that escape into production

    Business impact:

    • accelerate time to market
    • enhance customer satisfaction
    • increase revenues and reduce costs
    • reduce the risk of costly and brand damaging security breaches

  • + Competitive advantage

    One of the primary reasons that legacy security tools have failed in development is due to high false positives, or inaccurate results. We designed and built our engine from the ground up to address the complexity of today's modern applications which leads to more accurate results.This  ensures that developers will not waste time chasing down false positives or false negatives, but instead focus their efforts on fixing real, relevant and critical issues.

    Another key reason legacy security tools have failed in development is because they require security expertise and lack actionable remediation guidance. Through a deep understanding of the code and application, the Security Advisor patent pending remediation engine provides precise guidance with specific information about the right way to fix a defect and the best place to fix it in the code. This ensures your developers remediate defects faster, and ‘get it right the first time.’

  • + Industries

    Aerospace & Defense Industry
    Automotive Industry
    Banking Industry
    Chemicals & Petroleum Industry
    Computer Services Industry
    Consumer Products Industry
    Education Industry
    Electronics Industry
    Energy & Utilities Industry
    Financial Markets Industry
    Government Central/Federal industry
    Government, State/Provincial/Local Industry
    Healthcare Industry
    Industrial Products Industry
    Insurance Industry
    Life Sciences Industry
    Media & Entertainment Industry
    Professional Services Industry
    Retail Industry
    Telecommunications Industry
    Travel & Transportation Industry
    Wholesale Distribution & Services Industry

  • + Solution areas

    Cross industry
       Product Lifecycle Management
          Design
          Engineering and Analysis
          Implementation
          Planning

  • + Customer size

    Very Small Business (Less than 50 employees)
    Small Business (50 to 99 employees)
    Midmarket Business (100 to 499 employees)
    Midmarket Business (500 to 1000 employees)
    Large Business (greater than 1000 employees)

  • + Languages supported

    English
    Japanese

  • + Countries/regions available for distribution

  • + Solution collateral

    Name Date Categories
    Oct 4, 2012 Products
    Sales
    Sales Kits
    Oct 4, 2012 Products
    Sales
    Sales Kits
    Oct 4, 2012 Products
    Sales
    Sales Kits

Technical information

Show all   |   Hide all


  • + Hardware/OS platforms

    AIX 6.1
       IBM Systems: Power
    Windows Server 2008 (inclusive)
       IBM Systems: System x
    RHEL6
       IBM Systems: System x


Date last modified:    Oct 24, 2012


Coverity_Logo.jpg

Contact information

Joshua Haims
1-415-516-2789

Company

Coverity, Inc.
185 Berry Street
Suite 6500
San Francisco, CA 94107
United States

+1 415 3215200

Contact PartnerWorld

Live Chat is currently unavailable


The live chat service is normally available weekdays 8am-8pm Eastern Time. Use the 'Contact us' link or one of the other links for help now.