.
HP Fortify Static Code Analyzer helps verify that the software is trustworthy, reduce costs, increase productivity and implement secure coding best practices. Static Code Analyzer automates all aspects of successful SSA program, scans source code, identifies root causes of software security vulnerabilities and correlates and prioritizes results--giving line-of-code guidance for closing gaps in the security. To verify that the most serious issues are addressed first, it correlates and prioritizes results to deliver an accurate, risk-ranked list of issues.
Points: 0
You voted ‘up’
Parasoft Development Testing Platform (DTP) enables Continuous Testing. Leveraging policies, DTP consistently applies software quality practices across teams and throughout the SDLC. It enables your quality efforts to shift left-delivering a platform for automated defect prevention and the uniform measurement of risk.
Batik is a pure-Java library that can be used to render, generate, and manipulate SVG graphics. (SVG is an XML markup language for describing two-dimensional vector graphics.). Batik provides a set of core modules that provide functionality to:
The Batik distribution also contains a ready-to-use SVG browser (called Squiggle) making use of the above modules.
CodeTrax can be used to ensure compliance with coding standards. The tool automates the code review process and reduces the effort and resources required. CodeTrax allows the user to benchmark the code developed in C against user defined coding standards. This product can be used any time during the project life cycle. However the best use of this product is from the start of the coding phase and while performing static analysis.
VectorCAST/QA enables teams to implement consistent and repeatable processes for managing test activities and reporting key quality metrics.
LDRArules is a stand-alone rules checker that doesn't require investment in a complete tool chain. It enforces compliance with industry- or user-defined coding standards and provides clear visibility of software flaws that might typically pass through the build and test process and become latent problems.
LDRArules helps to see how your source code:
CodeSonar has been proven to provide the deepest static analysis, finding more critical defects than other static analysis tools on the market. CodeSonar has performed best on several static analysis tool benchmarks in finding static memory, resource management, concurrency, and other defects.
By analyzing both source code and binaries, CodeSonar enables teams to analyze complete applications, enabling you to take control of your software supply chain and eliminate the most costly and hard-to-find defects early in the application development lifecycle.
SonarQube -the open source quality platform- has become a must-have of any mature development projects. SonarQube is a code quality management platform, dedicated to continuously analyze and measure technical quality, from the projects portfolio to the class method. The SonarQube platform provides Continuous Inspection capability on applications portfolios to track quality defects and report them into customizable dashboards (technical debt, test coverage, duplications, architecture integrity, rule compliance, complexity, etc.). SonarQube performs analysis on billions lines of code.
EclEmma is a free Java code coverage tool for Eclipse, available under the Eclipse Public License. It brings code coverage analysis directly into the Eclipse workbench: Fast develop/test cycle: Launches from within the workbench like JUnit test runs can directly be analyzed for code coverage. Rich coverage analysis: Coverage results are immediately summarized and highlight;ed in the Java source code editors. Non-invasive: EclEmma does not require modifying your projects or performing any other setup. Since version 2.0 EclEmma is based on the JaCoCo code coverage library. The Eclipse integration has its focus on supporting the individual developer in an highly interactive way.
Patterson Consulting's Test Design Studio is an exciting product that serves as an integrated development environment (IDE) for Unified Functional Testing (formerly QuickTest® Professional) scripts, VBScript files, and other assets used for test automation. Extensive support for HPE ALM (Application Lifecycle Management, formerly Quality Center) assures tight integration with the tools you use.
AppPerfect Java Unit Test is a complete unit testing system. It automates the generation and execution of unit tests. Unit testing forms the basis of software testing at the developer level. It is sometimes referred to as "developer testing". AppPerfect Java Unit Tester is ideal for implementing Agile development and testing methodology in your organization.
AppPerfect Java Unit Test uses the JUnit testing framework for generation and execution of test cases for Java source files. It uses the HtmlUnit framework for generation and execution of test cases for JSP files. AppPerfect Java Unit Test builds on concepts of mock objects and provides a complete framework to define and manage reusable simulated objects defined in your applications.
AppPerfect Java Code Test is a static Java code analysis software designed to perform the following two key tasks: Automate Java code review and Enforce Good Java Coding Practices. AppPerfect Code Test analysis your Java and Java Server Pages (JSP) source code and applies over 750 Java coding rules to apply the collective knowledge of leading experts in the Java programming field to your code.
Polyspace Bug Finder™ identifies run-time errors, concurrency issues, security vulnerabilities, and other defects in C and C++ embedded software. Using static analysis, including semantic analysis, Polyspace Bug Finder analyzes software control, data flow, and interprocedural behavior. By highlighting defects as soon as they are detected, it lets you triage and fix bugs early in the development process.
Polyspace Bug Finder checks compliance with coding rule standards such as MISRA C®, MISRA C++, JSF++, and custom naming conventions. It generates reports consisting of bugs found, code-rule violations, and code quality metrics, including cyclomatic complexity. Polyspace Bug Finder can be used with the Eclipse™ IDE and integrated into build systems.
RevDeBug Reverse Debugger for .NET RevDeBug records what an application does “under the hood” on each line of code and allows you to step backwards in time, which helps in finding the root causes of bugs. Finally you don’t need to restart your debugging session over and over again. Now you can trace the root cause of bugs just by stepping back in time.
Assess software reliability, security, and conformance to ISO coding best practices while reducing development time.
The Coverity® Code Advisor solution includes Coverity Quality Advisor and Coverity Security Advisor. The solution surfaces quality and security defects in the developer workflow, with accurate and actionable remediation guidance, based on patented techniques and a decade of research and development and analysis of over 10 billion lines of proprietary and open source code.
Unity is a unit test framework written entirely in the C language. It is lightweight and possesses special features for embedded systems. Unity has scaled well from small to large embedded projects but can be used for any C project. At only one source file and a couple of header files, it doesn’t get much smaller.
JCR (or jcodereview) is a web-based tool for performing and managing code reviews. It can be used for code in any language, but provides some extra features for Java. It can be used for reviews of any type of source code, although it has some special smarts for reviewing Java projects. It has special features to make large-scale reviews not only practical but easy and fast. JCR is intended to assist: Reviewers, Project owners, Process bigots, Architects and developers. JCR is generally targeted at larger-scale and more formal code reviews than other review tools (such as Crucible, Review Board, Rietveld and Codestriker). JCR is used to review more than half of the code.
FindBugs is a defect detection tool for Java that uses static analysis to look for more than 200 bug patterns, such as null pointer dereferences, infinite recursive loops, bad uses of the Java libraries and deadlocks. FindBugs can identify hundreds of serious defects in large applications (typically about 1 defect per 1000-2000 lines of non-commenting source statements). FindBugs is open source, and has been downloaded more than 230,000 times, and is used by many major companies and financial institutions.
Findbugs can be used from the command line or within ant, eclipse, maven, netbeans and emacs.
LDRAcover is a stand-alone code coverage tool that doesn’t require investment in a complete tool chain. LDRAcover addresses the rigorous structural coverage objectives of standards such as DO-178B/C (Avionics) up to and including Level A as well as other safety-critical software applications. LDRAcover lets you quickly and easily view coverage analysis results such as callgraphs, flowgraphs, and code coverage reports in an interactive easy-to-use interface with powerful filtering capabilities.
T3 is a powerful automated unit testing tool to test Java classes. Given a target class to test, it randomly generates sequences of calls to the class' methods to test it. It catches unexpected exception; but if you had written assertions in the class, then violations to those will be caught as well. T3 is the successor of T2. The main idea is still the same as T2, however the engine has been completely revamped. Internally, T3 makes a lot of use of Java 8's closures, to make its generators infrastructure more customizable
Collector runs the NCover Service, which does the code profiling, but projects cannot be created or modified in Collector, and are pushed down from Code Central in a read-only view.
Each Collector is connected to the Code Central server. After Collector gathers coverage on a locally-running executable or unit test, it automatically sends the coverage data to Code Central, where it can be fully analyzed.
Cleanscape TestWise is a software visualization toolkit for testing, analyzing, and understanding C or C++ programs on UNIX, Linux or Windows platforms. TestWise allows developers to integrate redundant test processes into an automated test process that helps them identify and eliminate problems early in the development cycle-- reducing resource allocation while increasing software quality. TestWise is powerful software visualization and analysis toolset that automates test and maintenance of software applications for faster, better, smarter, cheaper and cleaner software development.
TestWise include the following testing utilities:
Application to record tests for Celerity, SODA, WatiR, and WatiN. Tests can be saved and compiled into an executable or assembly.
SourceMeter is a simple, command line-based QA tool for static source code analysis of Java projects. This tool makes it possible to find the weak spots of a system under development from the source code. Rule violations are based on an optimized version of the widely used PMD rule–set as well as a collection of unique rules developed specifically for source code quality management. Using the results of the analysis, the quality of the analyzed source code can be improved and developed both in the short– and long term in a directed way. All features of SourceMeter are free, except the VulnerabilityHunter and FaultHunter modules.
AgitarOne JUnit Generator is a comprehensive server-based solution for creating, using, and managing unit-level tests for Java code. AgitarOne JUnit Generator creates tests that document the behavior of your code as it exists today. Powered by Agitar's innovative software agitation technology, the analysis that AgitarOne JUnit Generator performs on your code routinely achieves JUnit coverage of 80% or better. With a sufficient server configuration it can generate 250,000 lines or more of JUnit per hour.
EMMA is a fast Java code coverage tool based on bytecode instrumentation. It is an open-source toolkit for measuring and reporting Java code coverage. EMMA distinguishes itself from other tools by going after a unique feature combination: support for large-scale enterprise software development while keeping individual developer's work fast and iterative.
Crucible is a collaborative code review application. It is a Web-based application primarily aimed at the enterprise, and certain features that enable peer review of a codebase may be considered enterprise social software. Crucible is particularly tailored to distributed teams, and facilitates asynchronous review and commenting on code. Crucible also integrates with popular source control tools, such as Git and Subversion.Code reviews = quality code. Review code, discuss changes, share knowledge, and identify defects with Crucible's flexible review workflow. It's code review made easy for Subversion, CVS, Perforce, and more.
Leveraging our core capabilities, QA·C++ is the most sophisticated static analysis solution for advanced C++ environments, combining language compliance (up to the latest C++11 version) with advanced language and dataflow analysis. With compliance packages for MISRA C++, HIC++ and JSF AV C++ coding standards, QA·C++ offers an automated, highly effective means of analyzing your code against your chosen coding standard, with metrics and code structure visualizations bringing a further level of clarity to complex C++ projects.
AgitarOne Agitator provides a unique interactive understanding of code behavior as a developer writes or modifies Java classes or methods. Agitation helps developers validate the expected behavior of their code and discover unexpected behaviors. Agitator automatically creates dynamic test cases, synthesizes sets of input data, and analyzes the results. When objects depend on other objects, Agitator automatically constructs those objects, enabling full analysis of the possible behaviors of the code, even if it depends on third-party libraries.
Squish Coco utilizes source code instrumentation to analyze the applications' source code. No changes to the source code are necessary. Executing a test suite against an instrumented application produces data that Squish Coco can analyze. This analysis can be used to ensure that complete test coverage is achieved since it:
Klocwork helps developers create more secure and reliable software. Klocwork puts static code analysis at the desktop, identifying critical safety, reliability, and coding standards issues in front of developers' eyes - well before check in. Unlike other static code analysis tools, Klocwork integrates seamlessly into desktop IDEs and into the team's natural workflow. Mirroring how code is developed, Klocwork prevents defects and finds vulnerabilities on-the-fly, as code is being written.
ReSharper is the leading productivity tool for .NET developers, which fully integrates with Microsoft Visual Studio 2010, 2012, 2013 and 2015. It helps developers create and improve code in C#, VB.NET, ASP.NET, ASP.NET MVC, JavaScript, TypeScript, CSS, HTML, XML, and XAML. ReSharper makes thousands of .NET developers worldwide more productive by providing code inspections, automated refactorings, blazing fast navigation, and coding assistance.
Isolator++ enables easy unit testing of existing and new C++ code on Windows 32/64 bit. Isolator++ allows you change the behavior of dependencies in your code, without changing it. You build a test application using the framework of your choice (GoogleTest, UnitTest++, CppUnit, etc.), include Isolator++ header file, link with the Isolator++ library and then use the Isolator++ APIs in your tests to change the behavior of method calls to dependencies. All this without changing their code. Isolator++ contains innovative features to keep your tests short, readable and robust.
Update Tool Summary HERE
QualityGate is a comprehensive software quality management platform capable of calculating exact quality values from source code using a wide range of software quality metrics. It is empowered by a quality model conforming to the ISO/IEC 25010 standard and has a built-in benchmark containing analysis data from a large number of both open and closed source systems. This makes it possible to calculate objective quality attributes and estimate upcoming development costs out of the box.
Theme by Danetsoft and Danang Probo Sayekti
