On-the-Fly Source Code Analysis

Because you want to write code you will be proud of

Consumers demand technology that just works. Developers demand tools that give them the competitive edge. Klocwork enables organizations to meet those demands with compelling desktop tools that ensure secure, reliable code. Code you will be proud of.

We believe the right focus is to be developer focused. That is where the magic comes to life for our customers … with their developers … with you.

Watch the Presentation

Klocwork Insight Overview Demonstration (3:30 minutes)

The power of the desktop

What separates Klocwork Insight from other source code analysis tools is that we seamlessly integrate into your personal workflow, on your desktop. We don't change the way you work; we complement the way you work. We don't make you wait until after a build is run to show you potential security vulnerabilities or reliability issues, we show you "on-the-fly" as you are typing.

Start taking corrective action immediately, and submit more secure, reliable code into the build process.

Read the video transcription

Morley

Hi Morley here. I'm going to show you how Klocwork Insight analysis and productivity tools can improve the security and reliability of your code.

We'll also look at a couple of optional components that reduce the pain of code reviews and improve code base architecture.

OK, Let's get started.

Developers are key players in defending code against defects. Arming them with effective, easy-to-use tools is essential.

Every developer can use Insight. Our plug-ins integrate with top industry IDEs, including Visual Studio, Eclipse and IntelliJ IDEA, putting defect detection right into the developer workflow.

Users of text editors or unsupported IDEs have the option of Klocwork Desktop or command-line tools.

In Visual Studio, on-the-fly analysis detects defects as fast as developers code.

As developers work on new features and debug, they can be confident that desktop analysis will detect security vulnerabilities and critical defects.

Built-in C/C++ refactoring allows developers to improve code structure and reduce risk on the fly.

Here you can see how the function is extracted and replaced with a function call.

Developers are also alerted to other instances where this function occurs, making it possible to refactor in multiple places with a single click.

Klocwork Cahoots, our optional code review add-on, makes it dead-simple to launch pre-checkin code reviews from within an IDE. Post-checkin code reviews are also supported.

Defects identified by Insight are integrated into Cahoots, allowing developers to collaborate on proposed fixes.

Participating in code reviews is also a breeze. Cahoots provides a familiar social network look and feel, allowing team members to follow each other, projects and even code paths, and receive notifications of comments and pending actions.

After developers check their code in, Insight monitors the build process and uses data flow analysis to detect defects, and generate metrics and architectural information.

Build analysis data is then loaded into architectural analysis and reporting tools, giving development managers instant visibility across projects and code branches.

Software architects can optimize software design, maximize code reuse and conduct detailed impact analysis thanks to integrations with Headway Software's Structure 101 and Lattix LDM.

Klocwork Review is Insight's web interface for reporting and project management.

Out-of-the-box support for leading security standards like MISRA, CWE, DISA-STIG and OWASP make it simpler to track code compliance in software builds and on developer desktops. Tweak default coding standards or create your own using Insight's 200+ checkers.

Drag-and-drop reporting makes it easy to create almost any report to answer questions about the security and reliability of your code base.

Get fast information about how defects are distributed in the current build or across modules. Drill down into problematic components and assign critical defects to specific developers.

Create build custom dashboards to monitor key metrics, look for trends and make decisions to improve the development process.

From early defect detection at the developer desktop to powerful build reporting and architecture tools, Klocwork Insight is designed to help you ensure the security and reliability of your source code.

Thanks for watching!

The challenges of embedded development

You face continuous pressure to hit hard-wired release dates, to deliver secure, reliable, innovative code and throughout the release cycle, you need to continuously iterate as other developers impact your code. On-the-fly desktop analysis from Klocwork protects you and helps you deliver insanely cool code you will be proud of.

Take a look at what Klocwork offers:

From your desktop, you control your code on many fronts:

Start your free trial of Klocwork Insight today

In this section

Relevant Resources

WEBINAR: Static Analysis: Dispelling the Myths

There are a lot of myths about what static analysis tools can and can't do. Watch this short webinar where we'll dispel the myths and show you how using static analysis can help you develop the most secure code possible.

RESEARCH: The Value and Importance of Code Reviews

This exclusive study commissioned by Klocwork and conducted by Forrester Consulting provides valuable data and insights that will help you benchmark and improve your peer code review practices [...]