Coverity Integrity Control

Coverity® Integrity Control is the first solution for code governance, enabling software development organizations to set standard policies for source code quality, security, and development efficiency and then manage, monitor, and report on these policies as code is tested. With Coverity Integrity Control, companies can automatically and consistently manage and enforce standard code testing policies across in-house development teams, outsourced development teams, and software provided by third-party suppliers, which enables deep visibility into development risk across the software supply chain. Coverity Integrity Control is an integrated solution that leverages the development testing results from Coverity analysis solutions and provides early warning of risk.

"From developer usability to management visibility, Coverity 5.5 makes the process of finding and fixing defects so easy for our development team that it is a natural part of their everyday workflow, not a chore or an afterthought." - Lou Montulli, VP of Engineering, at Zetta.net

Get Development Efficiency

Organizations are under extreme pressure to deliver high-quality releases faster in order to better meet customer demands and product release schedules. Centralized tools teams are being tasked with driving the adoption of tools to help development teams rapidly deliver innovation while maintaining product quality. Coverity Integrity Control enables organizations to establish and enforce policies for quality and efficiency standards, and report on improvements over time. Managers can quickly see which areas have adopted development testing as part of their quality improvement efforts. This increased visibility provides managers with a critical understanding of the areas of risk in their projects and teams and helps ease tool adoption.

Set Common Standards

Almost all organizations receive code from third-party providers. Often, third-party code is not treated with the same level of rigor as code developed in-house, which can lead to increased risk to the project and the business. Coverity Integrity Control enables organizations to establish clear and specific acceptance criteria up front, such as the number of high-risk defects, the type of defects allowed, or the amount of technical complexity that can be tolerated. This common understanding of quality and security requirements helps improve collaboration. With the click of a button, teams get immediate visualization of compliance with thresholds and of where risk exists in their project, by team or supplier.

Companies can easily audit supplier code on demand and notify third-party suppliers of code governance violations by automatically producing and sending a Coverity Software Integrity Report that summarizes the high-risk defects that exist in their software and components. Suppliers can also build policies aligned to established SLAs and self-certify their code upon delivery to their supply chain partners.

Manage Distributed Teams

Managing distributed teams can be a tremendous challenge. Too often, managers lack visibility into the problem areas in their organization that could impact product quality, time to market, and overall customer satisfaction. Managers may sense that they have a problem area, but they lack the concrete data and metrics to get to the root of the problem. Coverity Integrity Control provides managers with a means to establish and enforce consistent standards for quality, security, and development efficiency across their organization. Managers can establish specific policies or benchmarks for the organization and track the performance of the individual teams against those policies for clear visibility into areas of risk.

Meet FDA Compliance

Coverity Integrity Control provides out-of-the-box policy management that assists organizations in meeting FDA guidelines for software validation and other organization-wide software development standards. Organizations can test their code against the specified policies, identify safety risks in medical device software, and visualize areas where improvement is necessary. Using this process throughout the software development cycle, development teams can follow regulatory guidelines while at the same time driving productivity and continuously improving overall software quality. In addition, the solution provides the ability to generate a Coverity Software Integrity Report that contains a snapshot of the state of the software and its compliance with the regulatory guidelines. This report can be included in an FDA Premarket Approval (PMA) submission, or can be used to provide ongoing validation as software is changed post-release.

Learn more about Coverity solutions for Medical Devices.

Meet DISA STIG Compliance

Coverity Integrity Control provides out-of-the-box policy management for Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) compliance. STIG provides security guidance for use throughout the application development lifecycle. Now software development, design, and testing sites can test their code against the specified policies and ensure that they stay aligned to the DISA guidelines throughout the application development lifecycle. The solution provides visibility into the areas of code that do not adhere to the defined policies, and pinpoints the corresponding violations and the specific defects in code responsible for the violations. An automated Coverity Software Integrity Report can be generated at any time that contains a snapshot of the state of the software and its compliance with the STIG guidelines.

Learn more about Coverity solutions for Aerospace and Defense.