To get a trial key
fill out the form below
Team License (a basic version)
Enterprise License (an extended version)
* By clicking this button you agree to our Privacy Policy statement

Request our prices
New License
License Renewal
--Select currency--
USD
EUR
RUB
* By clicking this button you agree to our Privacy Policy statement

Free PVS-Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
PVS-Studio as a SAST solution

PVS-Studio as a SAST solution

PVS-Studio is included in the Forrester Research report "Now Tech: Static Application Security Testing, Q3 2020" as a SAST specialist. Adopting Static Application Security Testing (SAST) methodology improves application security and helps to reduce the impact of security flaws in application lifecycle. Forrester Research is a leading emerging-technology research firm providing data and analysis that defines the impact of technology change on business. The report is available by purchase or with a subscription with Forrester Research.

PVS-Studio helps improve code in three directions: quality, safety, and security.

Quality

No matter what software you develop, the code quality should be high — so that your clients encounter fewer problems, and you develop the project easier and at a lower cost.

The General Analysis diagnostics help find problems related to code quality. They detect:

  • array index out of bounds;
  • null pointer dereference;
  • incorrect function call;
  • synchronization problems;
  • and other defects.

You can find a list of the General Analysis diagnostics here.

Safety

Safety is especially important in software where defects may lead to serious consequences: loss of million dollars or even human lives. Applications in space industry, medicine, and mechanical engineering, have high safety requirements and must contain no errors.

To write safe code, developers use special standards (for example, MISRA C, MISRA C++, AUTOSAR Coding Guidelines).

PVS-Studio detects non-compliance with these standards. Tables of PVS-Studio's diagnostics and how they correspond to the safety standards:

If you work with the MISRA standards, you may need the MISRA Compliance report. You can generate it with utilities from PVS-Studio. Read more here.

Security

Secure code is resistant to malicious attacks: SQL injections, XXE, XSS, and others. Security is important in applications that work with user data (banking software, web applications, etc.).

To make applications secure, teams use secure software development life cycle (SSDLC). One of the life cycle stages is searching for security problems with SAST (static application security testing).

PVS-Studio is a SAST solution that searches for weaknesses and helps increase code security.

Tables that list PVS-Studio diagnostics and how they correspond to potential vulnerabilities and secure development standards:

The most dangerous and common weaknesses are listed in various tops. Find out how PVS-Studio helps fight these weaknesses:

Benchmark suites for testing code analyzers

Benchmarks help evaluate the abilities of static analyzers. It is a set of code fragments that help evaluate whether the analyzer finds problems and whether it issues false positives.

PVS-Studio's coverage of benchmarks is as follows:

  • Toyota ITC Benchmarks: 49%. The evaluation method is here.
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept