Integrated solution for software integrity

Coverity and Armorize Technologies announced the integration of Coverity Static Analysis and Armorize CodeSecure. This partnership is intended to deliver a combined solution that unifies quality and security analysis.

Together, the products will enable development teams to address security vulnerabilities as software code is written. Developers will be able to perform both security and quality analysis at every iteration without having to become security experts or being forced to use security audit tools.

“Despite advances made in software security over the last ten years, there continues to be a disconnect between security and development that creates risk by leaving critical business applications vulnerable to attack,” said Caleb Sima, CEO of Armorize Technologies. “We’ve been forcing developers to adapt to security, but the only effective way to address this risk is to have security adapt to the way developers work. Not the other way around. The Coverity and Armorize integration will be the first step in solving this problem.”

This partnership is designed to provide value to developer and security teams by:

  • Unifying quality and security into a combined and integrated solution: Coverity and Armorize will provide the first integrated development and security source code analysis solution.
  • Providing actionable security for development: Developers will be more easily able to take action and fix high priority security vulnerabilities and quality defects using their existing development and triage workflow.
  • Improving the collaboration between security and development: Will provide security and development with the ability to collaborate on fixing security vulnerabilities with every iteration, without requiring developers to become security experts.

The planned integrated offering from Coverity and Armorize is intended to provide:

  • Project visibility and security policy enforcement to help security teams automatically be notified of active development projects and easily set security policies aligned to the development project goals, type of application, and project-specific standards.
  • Continuous quality and security analysis with every code change and iteration and resolution management of both quality and security defects in the developer’s existing workflow.
  • Software integrity and compliance reporting for both security teams and quality teams so security experts know when vulnerabilities are fixed and development knows overall state of defect resolution.

Don't miss