Klocwork is part of Perforce’s overall testing solution which features static application security testing (SAST), static analysis for functional safety compliance, enterprise-class web and mobile testing solutions, and compliance traceability. The single solution simplifies security defect analysis, and provides comprehensive coverage for multi-language apps.
The new release, Klocwork 2020.3, broadens Klocwork’s Continuous Compliance functionality with faster analysis, broader coverage, increased accuracy, and seamless integration into workflows.
Klocwork simplifies automated security testing by offering integrations for development and DevOps tools. This feature enables developers to run an analysis anywhere. The integrations includes support for desktop IDEs, CI/CD pipelines, containers, cloud build systems, and machine provisioning.
Klocwork eas designed to integrate seamlessly with CI/CD pipelines for the automation of Continuous Compliance to safeguard software from vulnerabilities with each commit. Klocwork’s Differential Analysis plays a large part in this by delivering fast results by analyzing only the files that have changed.
Klocwork 2020.3 includes an improved C# and Java analysis engine that has wider language support, better accuracy, and new defect detection.
Other improvements include:
• C# analysis engine provides greater accuracy with a 33%* increase to defect detection and the ability to write custom syntactic and interprocedural data-flow rules.
• Java analysis engine provides 130% greater accuracy with a 2.5% increase to defect detection and broader framework coverage.
• New and expanded security coding standard coverage and vulnerability checks for CWE, CERT, and PCI DSS.
• Klocwork Community — A framework for users to help shape the future of our coding standard coverage.
• New DevOps Integrations
◦ Klocwork Jenkins Plugin — Setup a security testing pipeline easily.
◦ Klocwork CLion IDE Plugin — Shift defect detection to your desktop.