Pour obtenir une clé
d'essai remplissez le formulaire ci-dessous
Demandez des tariffs
Nouvelle licence
Renouvellement de licence
--Sélectionnez la devise--
USD
EUR
RUB
* En cliquant sur ce bouton, vous acceptez notre politique de confidentialité

Free PVS-Studio license for Microsoft MVP specialists
To get the licence for your open-source project, please fill out this form
** En cliquant sur ce bouton, vous acceptez notre politique de confidentialité.

I am interested to try it on the platforms:
** En cliquant sur ce bouton, vous acceptez notre politique de confidentialité.

Votre message a été envoyé.

Nous vous répondrons à


Si vous n'avez toujours pas reçu de réponse, vérifiez votre dossier
Spam/Junk et cliquez sur le bouton "Not Spam".
De cette façon, vous ne manquerez la réponse de notre équipe.

>
>
PVS-Studio as a SAST solution

PVS-Studio as a SAST solution

PVS-Studio is included in the Forrester Research report "Now Tech: Static Application Security Testing, Q3 2020" as a SAST specialist. Adopting Static Application Security Testing (SAST) methodology improves application security and helps to reduce the impact of security flaws in application lifecycle. Forrester Research is a leading emerging-technology research firm providing data and analysis that defines the impact of technology change on business. The report is available by purchase or with a subscription with Forrester Research.

PVS-Studio helps improve code in three directions: quality, safety, and security.

Quality

No matter what software you develop, the code quality should be high — so that your clients encounter fewer problems, and you develop the project easier and at a lower cost.

The General Analysis diagnostics help find problems related to code quality. They detect:

  • array index out of bounds;
  • null pointer dereference;
  • incorrect function call;
  • synchronization problems;
  • and other defects.

You can find a list of the General Analysis diagnostics here.

Safety

Safety is especially important in software where defects may lead to serious consequences: loss of million dollars or even human lives. Applications in space industry, medicine, and mechanical engineering, have high safety requirements and must contain no errors.

To write safe code, developers use special standards (for example, MISRA C, MISRA C++, AUTOSAR Coding Guidelines).

PVS-Studio detects non-compliance with these standards. Tables of PVS-Studio's diagnostics and how they correspond to the safety standards:

If you work with the MISRA standards, you may need the MISRA Compliance report. You can generate it with utilities from PVS-Studio. Read more here.

Security

Secure code is resistant to malicious attacks: SQL injections, XXE, XSS, and others. Security is important in applications that work with user data (banking software, web applications, etc.).

To make applications secure, teams use secure software development life cycle (SSDLC). One of the life cycle stages is searching for security problems with SAST (static application security testing).

PVS-Studio is a SAST solution that searches for weaknesses and helps increase code security.

Tables that list PVS-Studio diagnostics and how they correspond to potential vulnerabilities and secure development standards:

The most dangerous and common weaknesses are listed in various tops. Find out how PVS-Studio helps fight these weaknesses:

Benchmark suites for testing code analyzers

Benchmarks help evaluate the abilities of static analyzers. It is a set of code fragments that help evaluate whether the analyzer finds problems and whether it issues false positives.

PVS-Studio's coverage of benchmarks is as follows:

  • Toyota ITC Benchmarks: 49%. The evaluation method is here.
Unicorn with delicious cookie
Nous utilisons des cookies pour améliorer votre expérience de navigation. En savoir plus
Accepter