Coverity™ Introduces New Static Analysis Solution for C#

Coverity Prevent™ to Help Developers Eliminate Quality and Security Defects from Applications Built on Microsoft .NET Framework

Coverity™, Inc. announced Coverity Prevent™ for C#. The product utilizes a new analysis engine developed by Coverity’s research and development lab that is designed specifically for detecting defects in applications built on Microsoft’s .NET framework. Prevent for C# expands the language coverage of Coverity’s static analysis products, and brings the company’s proven expertise in automatic defect detection to developers programming in C#. Over 450 development organizations currently use Coverity Prevent to ensure the quality and security of their C/C++ and Java code.

“To remain competitive, software development team leads need to stock their developer’s tool-box with advanced technology to maintain or improve productivity that helps them deliver higher quality code to everyone upstream,” said Theresa Lanowitz, founder of voke, a technology analyst firm. “As a language, C# is playing an increasing role in failure-intolerant devices, particularly in the embedded space. Coverity's expertise in static analysis will be a welcome addition to the tool-box of any C# developer.”

Unlike other static tools that simply extend existing analysis capabilities to encompass a new language, Prevent for C# is based on an entirely new analysis engine designed and optimized for Microsoft .NET-based applications. It seamlessly handles features of the C# language such as operator overloading, properties, and idioms for iteration and resource management. Prevent for C# also automatically finds third party .NET assemblies to ensure a complete analysis result, no matter how complex the application.

Coverity Prevent for C# automatically analyzes large, complex C# code bases and detects critical, must-fix defects that could lead to system failures, memory corruption or performance degradation. Because the product is the only C# static analysis tool to deliver 100% path coverage, it delivers the most comprehensive and accurate C# source code analysis. Prevent for C# requires no changes to existing build processes or code, and easily integrates into existing build processes and requires little or no additional hardware. Key capabilities of Prevent for C# include: Detect Critical Defects - Automatic detection of defects in C# source code that can cause crashes, performance degradation and incorrect program behavior

• 100% Path Coverage - Analysis of every path in C# code bases, ensuring that all possible execution branches are followed
• Low False Positive Rate - Accurate, actionable results help developers immediately begin improving the quality and security of their code
• Flexible Workflow - Defect Manager product interface allows teams to collaboratively view analysis results, triage defects, assign ownership, and provides comprehensive workflow capabilities
• Highly Scalable - Millions of lines of code can be analyzed in a matter of hours

“Coverity developed Prevent for C# in response to requests from our existing customer base and the growing use of the .NET application framework in mission-critical systems where software defects can be tremendously costly,” said Andy Chou, chief scientist and co-founder at Coverity. “Delivering new technology so that our static analysis product line covers C, C++, C# and Java is a significant milestone on our roadmap for our flagship static analysis solution.”

About Coverity
Coverity (www.coverity.com), the leader in improving software quality and security, is a privately held company headquartered in San Francisco. Coverity’s groundbreaking technology enables developers to control complexity in the development process by automatically finding and helping to repair critical software defects and security vulnerabilities throughout the application lifecycle. More than 450 leading companies including ARM, Phillips, RIM, Rockwell-Collins, Samsung and UBS rely on Coverity to help them ensure the delivery of superior software.