Advances software assurance for enterprise development teams with Fortune 500-grade Java capabilities, and C/C++ concurrency analysis
BURLINGTON, Mass. — Oct 31, 2006 — Klocwork Inc., the proven leader of automated software for improving software security and quality, today announced the release of Klocwork K7.5. The release of Klocwork K7.5 furthers the company’s leadership position as the only enterprise-grade static analysis product suite to support both Java and C/C++ based software development environments. K7.5 expands Java source code analysis capabilities with the addition of a total of 66 new Java Checkers (17 security and 49 quality defect checkers). In addition, K7.5 includes JSP conversion capability which detects errors in the Java Server Pages used by many organizations. Other notable capabilities of Klocwork K7.5 include:
- New detection of critical Java errors: K7.5 has added the ability to detect critical run-time impacting and security errors.
- Expanded IDE support: K7.5 enables developers to better identify and manage potential defects in their preferred IDEs with plug-ins for Eclipse 3.1 and 3.2, Wind River Workbench 2.4 and 2.5, QNX Momentics 6.3 as well as IBM’s Rational Application Developer 6.0. Klocwork has also expanded its support for Microsoft Visual Studio 2005 with automated solution and project file parsing. Klocwork also is committed to support IntelliJ and NetBeans as an upcoming point release.
- Integration with Ant for Java builds: Organizations with large Ant build environments can automatically integrate Klocwork static analysis into their builds, greatly reducing integration time and ensuring complete analysis.
- Holistic reporting capabilities: Klocwork remains the only static analysis solution provider to offer comprehensive analysis capabilities that provide quality and security metrics and trending reports as well as architectural modeling tools.
- Customizable extensibility API: K7.5 allows users to create and deploy custom rules to monitor quality and security in Web applications, security applications, telecom/network modules, and mobile code.
- New C/C++ checkers: To assist developers writing software to support dual or multi-core systems, Klocwork has added several concurrency checkers to address some of the challenges and take advantage of the benefits unique to this environment.
“Our expanded support for Java and extending the individual developer’s ability to integrate us into their personal development environment reflects a tremendous surge in the importance of enterprise-grade Java development, and how static analysis is central to improving product quality and security across all development projects,” said Ian Gordon, vice president of product management at Klocwork. “We are fortunate to have some of the largest companies in the world using our Java and C/C++ product and by working closely with them we are raising the bar for enterprise-grade static analysis solutions for their Java and C/C++ development projects. Klocwork K7.5 incorporates their feedback on relevant new capabilities to complement our industry-leading defect and vulnerability identification, architectural analysis, and comprehensive software metrics and reporting tools. The extended capabilities of K7.5 will significantly increase the categories of potential problems that organizations can find early in the development lifecycle, while saving valuable time and money as part of the process.”
Customer support for the Klocwork enterprise suite has been positive:
“Klocwork’s code analysis suite gives us broad visibility into the critical metrics of our software products — from architecture and design visibility to sophisticated error detection to code maintainability. Essentially, everything we need to manage the risks and maintain high quality within our entire software stack is in the Klocwork product suite.” – Director Software Quality Assurance, Thomson, Inc.
“As a leading provider of host-based intrusion defense systems, Third Brigade is firmly committed to using the best possible tools and techniques in developing our software. Klocwork’s C++ and Java static analysis is integrated into our development process and provides an excellent tool to analyze our software to help further minimize security vulnerabilities and software defects.” – CTO, Third Brigade
As part of Klocwork’s ongoing analysis of open source software, the company also announced the results of its analysis of the following open source Java projects using K7.5: JBoss Application Server, Limewire, and HSQLDB, demonstrating significant numbers of important defects and maintainability problems found. For more details, please visit www.g2zero.com.
Klocwork recently announced strong business momentum by increasing its customer base to 125 and successfully doubling its client roster for two consecutive years. Klocwork clients include: Avaya, Barclays Bank, Bose, Cisco Systems, Iskratel, Motorola, Qualcomm, Texas Instruments, and the United States Army. In addition, Klocwork is a primary contributor to G2Zero, an online community launched in July 2006 that is dedicated to furthering the discussion on how organizations can improve software quality. With its name derived from the holy grail of software development — “getting to zero” defects and security vulnerabilities — G2Zero offers original commentary and analysis as well as links to relevant news, discussions, and other software-quality-related content on the Web.
Klocwork helps developers create more secure and reliable software. Our tools analyze source code on-the-fly, simplify peer code reviews, and extend the life of complex software. Over 1000 customers, including the biggest brands in the mobile device, consumer electronics, medical technologies, telecom, military and aerospace sectors, have made Klocwork part of their software development process. Thousands of software developers, architects, and development managers rely on our tools everyday to improve their productivity while creating better software.