Klocwork has reached the 9.5 version release of its Insight source code analysis (SCA) tool. Attempting to break open a new demand stream for its product, the company has adjusted its usage model to make it work on-the-fly in the style of a spellchecker to analyze code as a developer types. Klockwork is now making a conscious effort to move away from “batch processing” deployments where all code analysis is centralized; the company hopes to give C/C++ programmers the same kind of tools that many web developers are already used to.
With a direct emphasis on security vulnerability and defect detection, Klockwork asserts that source-code analysis should be viewed as a developer tool, not an audit tool. CEO Mike Laginski describes a new on-the-fly user model, where a developer’s interaction with the tool has been simplified. By underlining code defects in the style of spell checker as code is written, Insight then provides syntax and dataflow analysis, build comprehension, and incremental analysis running continuously in the background to ensure “thorough and highly accurate identification” of security vulnerabilities and critical defects.