Klocwork widens SAST continuous compliance coverage

September 10, 2020 //By Ally Winning
Perforce’s has announced a new release of the company’s Klocwork testing solution, which offers improved SAST continuous compliance coverage.
Perforce’s has announced a new release of the company’s Klocwork testing solution, which offers improved SAST continuous compliance coverage.

Klocwork is part of Perforce’s overall testing solution which features static application security testing (SAST), static analysis for functional safety compliance, enterprise-class web and mobile testing solutions, and compliance traceability. The single solution simplifies security defect analysis, and provides comprehensive coverage for multi-language apps.

The new release, Klocwork 2020.3, broadens Klocwork’s Continuous Compliance functionality with faster analysis, broader coverage, increased accuracy, and seamless integration into workflows.

Klocwork simplifies automated security testing by offering integrations for development and DevOps tools. This feature enables developers to run an analysis anywhere. The integrations includes support for desktop IDEs, CI/CD pipelines, containers, cloud build systems, and machine provisioning.

Klocwork eas designed to integrate seamlessly with CI/CD pipelines for the automation of Continuous Compliance to safeguard software from vulnerabilities with each commit. Klocwork’s Differential Analysis plays a large part in this by delivering fast results by analyzing only the files that have changed.

Klocwork 2020.3 includes an improved C# and Java analysis engine that has wider language support, better accuracy, and new defect detection.

Other improvements include:

• C# analysis engine provides greater accuracy with a 33%* increase to defect detection and the ability to write custom syntactic and interprocedural data-flow rules.

• Java analysis engine provides 130% greater accuracy with a 2.5% increase to defect detection and broader framework coverage.

• New and expanded security coding standard coverage and vulnerability checks for CWE, CERT, and PCI DSS.

• Klocwork Community — A framework for users to help shape the future of our coding standard coverage.

• New DevOps Integrations

◦ Klocwork Jenkins Plugin — Setup a security testing pipeline easily.

◦ Klocwork CLion IDE Plugin — Shift defect detection to your desktop.

More information

https://www.perforce.com/products/klocwork/whats-new

Related news

Collaborative code development controlled by versioning software

Audio added to SEGGER emUSB-Host

SEGGER launches  third product in  emCompress software range

IAR adds static code analysis in Linux build tools

 


Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.