Analysts say moves by tech leaders HP and IBM should boost flagging demand for application security tools

With the acquisition of Fortify Software by Hewlett-Packard this week, it’s clear that the major vendors are beginning to zone in on application security.

Recently in San Jose, TMC's CEO Rich Tehrani had a chance to sit down and interview Andy Chou, the Chief Architect of Coverity (News - Alert), who said the company has just launched a new partnership with Armorize Software, which works in enterprise malware detection.

Shares of Japanese auto giant Toyota Motor Corp. (TYO.7203) slipped, Wednesday, despite news that an initial investigation by the US government has revealed that the electronic throttles on Toyota vehicles, long suspected for being defective and causing unintended acceleration, are sound.

With modern military systems increasingly relying on software, new techniques are being adopted to decrease costs and increase the chances for mission success.

Software integrity is an indicator of risk created by software defects. Software integrity risk gauges the potential of a software defect altering the expected behavior, safety, performance or security of products and services operated by software.

To help developers learn about the integrity of all components in their software, Coverity, a supplier of code analysis tools, introduced a Software Integrity Rating program yesterday. The program measures defects in software and lets companies place a Coverity Integrity Seal on their software when it meets industry standards.

U.S. vehicle recalls related to electronic systems have tripled and investigations quadrupled in the past 30 years following a surge in the use of computers to control functions such as acceleration.

Source code analysis (sometimes called "static analysis") is a technology which analyzes source code for the purpose of detecting defects, understanding architecture, collecting statistics on the software and more.

Toyota is not the only car maker navigating around accusations of quality problems with its auto controls, but recent fatalities drove the company into the spotlight. Over the years, Ford, Audi and Nissan had similar troubles. In all cases, government agencies responsible for overseeing consumer safety detoured away from the situation.

The latest cases of uncontrolled acceleration in the Toyota Prius point to software glitches that the car industry needs to address with more rigorous testing, according to a company that specializes in software integrity.

Could software, or faulty logic design, be at the root of runaway acceleration problems plaguing Toyota automobiles?

Could software, or faulty logic design, be at the root of runaway acceleration problems plaguing Toyota automobiles?

How Coverity built a bug-finding tool, and a business, around the unlimited supply of bugs in software systems.

Thomas Schultz discusses tools and techniques that can help cure weaknesses in military software

We all make mistakes -- even software code writers working for major corporations. Coverity's goal is to help catch those mistakes before they become costly problems. The company recently released Version 5 of its software analysis tool, and seven years after starting up as a group of four grad students and their professor, it's now sitting on a list of over 400 customers.

The good news is that tools from companies like Coverity now make it relatively simple to check for software integrity in a more cost-effective and less work-intensive way.

Code analysis vendor combines Agile-friendly static, dynamic, build and architecture analysis in new offering.

Coverity is adding in version 5 of its namesake code scanning tool the ability to map all the downstream effects a change to a particular piece of code will have on the entire application.

Coverity has brought new defect-tracking and identification capabilities to an update of its software integrity suite.

Coverity 5 scans, prioritizes, and maps the impact of defects introduced by software changes

Coverity, a software integrity firm perhaps best known for its SCAN project of open-source software sponsored by the Department of Homeland Security thinks it has the preventive medicine to help organizations avoid the inevitable errors, defects, and failures that software change can introduce.

Many developers who write software in popular open source languages...are writing programs with more high-quality code these days, according to a recent survey conducted by Coverity Inc., a company that creates tools for software development and integrity - good news for security-minded consumers, to say the least.

Latest Coverity Scan report shows lower defect densities but NULL pointer errors are still common

Coverity details the findings from analyzing more than 11 billion lines of open source code from 280 open source projects

Static analysis can protect software organizations from leaking software defects in production and making the kind of front page news that everyone wants to avoid.

Coverity joins debate about the pros and cons of various licences available to free and open source software developer.

David Maxwell Open Source Strategist at Coverity will advocate the BSD license

the BlackBerry Smart Card Reader, together with the BlackBerry Enterprise Solution, provides advanced security features to meet IT requirements in corporate environments and public sectors, including Coverity Certification for Quality Code Level 2 and Secure Code Level 2

The Open Source Report 2008 and the Architecture Library Report, conducted by Coverity for the U.S. Department Homeland Security Cybersecurity Open Source Hardening Project, shows more than 10,000 defects fixed since project launch in March 2006.

There are plenty of ways to support open source without having to shell out cash. This is a very useful one indeed.

The story of how a Linux exploit actually wasn't, thanks to Coverity Prevent static code analysis.

The Scan Project analyzes the Linux kernel on an ongoing basis. This issue was identified months ago, and tracked up until the fix was committed.

There are many techniques for detecting security vulnerabilities, and the innovative companies recognized in this category have demonstrated that their products and services make a real difference.

Ben Chelf, Chief Technology Officer of Coverity, discusses Coverity Integrity Center and the crisis of embedded software development. Static code analysis, dynamic code analysis, architecture analysis to make building embedded software easier.

Studies show that when used correctly, static analysis can improve individual developer productivity by as much as 12.5% by automating the time-intensive task of identifying hard-to-find defects.

Automated static analysis can improve reliability of medical device software. Here are the key criteria that need to be considered when selecting a static analysis tool.

Coverity "has got an inhuman eye for detail. It's like having the most persnickety programmer in the world looking over your shoulder."

"Coverity's new offering may go a long way to changing the software development equation: more investment up front in developing software right the first time could save 10 times the cost of fixing/supporting broken code later."

Coverity's introduction of SAT into software analysis is of greater significance than earlier improvements in statistical analysis. SAT solvers represent a mature, highly developed technology that benefits from decades of optimization by computer hardware companies.

The Coverity Scan resource is probably the most comprehensive and high-level collection of diagrams of open sources projects.

Coverity...are taking steps to look into the build process to detect configuration and build issues sooner in the software development lifecycle than may normally be the case.

The latest version (of Coverity Prevent) beefs up the VS integration and adds support for Windows Mobile, Windows Automotive and Xbox. It also offers C# concurrency defect detection, which according to the company makes Prevent the first product to support this functionality.