Accelerate development with continuous static code analysis

The adoption of Agile methods, DevOps, and continuous integration (CI) has taken the velocity of software development to unprecedented levels ... and now Klocwork accelerates the pace by introducing continuous static code analysis (CSCA).

Continuous static code analysis is where comprehensive security, safety, reliability, and performance checkers meet continuous integration tools to provide rapid feedback on the health of incremental check ins across the development team. This is made possible by the unique architecture of the Klocwork analysis engine, designed to maximize scalability and performance for multiple concurrent analysis at a time. In other words, if you're delivering many releases a day, only Klocwork CSCA handles the frequency and complexity of code changes to give every developer accurate results without the analysis engine getting confused or slowing down.

Results where you want them

Klocwork integrates with popular CI tools, such as Jenkins and TeamCity, and supports any system that uses scripting and the command line. Along with on-the-fly analysis, this enables robust automated testing across the full spread of development activities: on the desktop as developers are coding, on incremental updates at check-in time, and during integration builds on the overall release. At any time, developers and testers get quick, insightful analysis to pinpoint issues and resolve them faster.

All checkers, all the time, or a customized set applied right when you want it, Klocwork meets your team right where testing happens.

More than just bugs

Klocwork is known as the most advanced static code analysis tool in the world, covering security, safety, reliability, and performance checks for C/C++, Java, and C#. Klocwork also measures compliance to many industry standards, helping you determine where the gaps are. Here's a sampling of the types of checks you'll get:

  • Buffer overflows
  • Un-validated user input
  • Injection
  • Cross-site scripting
  • MISRA
  • OWASP
  • CWE/SANS Top 25
  • CERT
  • Memory leaks
  • Dereferencing NULL pointers
  • Concurrency violations
  • Infinite loops
  • Usage of uninitialized data
  • Resource management
  • Memory allocation errors

Plus, our analysis engine can be tailored to enforce different rules to meet your specific testing and standards compliance needs. With Checker Studio, you get a complete and open customization environment through the web that's easy to use for anyone familiar with XML - no proprietary language training necessary.

Klocwork is used in many of the largest, most demanding software development environments in the world. Try it on your code today by requesting a free product trial.

Learn more about our capabilities.