Coverity Development Testing
Accelerating Risk Mitigation through Continuous Integration and Development Testing
Raj Mathur
Country Manager, Coverity India
“Software is Eating the World” - Marc Andreessen
Software: Health, Financial, Communications, SCM / Logistics, Enterprise, Mobile, Automotive
81% of business leaders believe technology is a fundamental element of their business model
Over 60 million tablets and 175 million smart phones will be in the workplace by the end of 2012
By 2016, open source software will be included in mission-critical applications within 99% of Global 2000 enterprises
Our Value
Development Testing is transforming software development by:
Reducing operational costs
Accelerating development and time to market
Protecting brands from catastrophic failure
Why All the Risk?
Software Complexity and Speed Have Outpaced Legacy Testing Methods
Development
Testing
Software Complexity
Time to Market
Testing Methods
Security Testing
Functional Testing
Performance Testing
Manual Testing
Our Mission and Passion: Moving Quality, Security and Testing to the Left
Fewer defects escape dev
Design | Development | QA + Security Audit | Deployment
5x cost 10x cost 30x cost
Transformation Maturity Model
Axes: Development Testing Adoption (High) and Integration into SDLC (High)
Level 1: Automatic Defect Detection. Detection of critical quality and security defects as part of SW build process. No new defects introduced.
Level 2: Identification of Residual Risk. Identification of areas of risk caused by insufficient automated testing. Ensure critical code is prioritized and tested.
Level 3: Developer Workflow Optimization. Integration into the existing SDLC using a common workflow for all defects and test effectiveness issues.
Level 4: Code Governance. Establish and enforce consistent source code quality and security policies. Establish source code acceptance criteria.
Level 5: Enterprise Code Assurance. All legacy defects eliminated, build fails if new defects are introduced. All critical code and code impacted by change is tested.
How Static Analysis Works
Build: Mimics the behavior of dozens of compilers. Integrates with existing build systems.
Analyze: Statically tests all execution paths. Finds defects and inconsistent coding patterns.
Present & Manage: Explains the location and root cause of defects. Manage and share triage of defects across teams.
High Quality Results
Meaningful, real results
Focus on finding real defects, not style violations or superficial issues.
Over 12 years of experience analyzing open source and commercial code.
Industry-leading low false positive rate
False positive rates typically below 15%.
False positives waste time, hinder adoption, and reduce trust in the results.
Broadest Checker Library + Deepest Algorithms
Optimal balance of breadth, depth, and scalability to large code bases.
10 Confidential: For Coverity and Partner use only. Copyright Coverity, Inc., 2011
We Find Critical Defects
•  Tomcat Webserver 5.5.17
•  Open source server for web applications
•  Among several hundred defects, we found a “reverse lock bug” that can lead to deadlock of the entire server
•  Very rare event - Very hard to find with traditional testing
Unit Testing Effectiveness
[Figure: High Risk Code]
Risk Mitigation
In my critical code, each component whose behavior was modified (directly or indirectly) in the last release must be 100% tested (excluding error-handling)
Organization Defines a Test Policy
Test Advisor Evaluates Test Policy
Developers Get Actionable Work Items
Existing Coverity Static Analysis Engine + New Tools that we Built
Consistent UI
Risk Mitigation Architecture
Test Advice: Actionable work items to address risk due to inadequate testing
Test Policy Evaluation
•  Critical code analysis
•  Change impact analysis
•  Test execution analysis
Test Monitoring
Code Ownership and Change History
Static Code Analysis
Customized Test Policy
Automate testing within the inner loop of development
Writes code
Creates unit test
Analyzes code
Fixes critical issues
Interprocedural quality and security defects
New tests required because of change impact
Source Control Management System
Centralized build is generated
Assigned back to appropriate developer
New issues are found
Prioritized defects
Prioritized tests
Integration into development workflow
IDE | Defect tracking | SCM | Build/CI | ALM
Analysis Accuracy: Proven false positive rate of less than 10% on codebases over 1M lines of code
Remediation Guidance: Show path to defect and fix guidance in context of developer’s code; patent-pending security remediation engine
Performance and Scale: Proven scale on codebases up to 100M; Analysis runs in minutes to hours vs. days to weeks
The industry’s first developer-friendly
software testing platform
“Coverity enables developers to produce secure code and gives developers a more positive attitude about addressing security, which ultimately leads to fixing defects.”
-Gerold Hubner, Chief Product Security Officer at SAP
The Workflow
(For illustration only – other workflow integrations possible)
• Security Audits
• Product Release Management
QA
Nightly/Continuous
Build
• Desktop Analysis
• Review defects
• Prioritize actions
• Make fixes
•  Track progress
Code Check In
Static Analysis
Results
• Functional Testing
• Performance Testing
• Stress Testing
• Integration Testing
Development
Product
Release &
Management
Static Analysis
Results
Issue Responsibility Is Critical
Ingredients for Success
Code | Build | Test
Nightly Build
Continuous Integration
High-Fidelity Code Compilation
High-Performance Analysis
Low False Positive Rate
Detecting Critical Defects
Easy Defect Navigation and Comprehension
Comprehensive Triage and Remediation Management
Visibility and Governance
Team Collaboration
Developer Adoption
Workflow Integration
Management Oversight
Governance with Metrics
Automated high-fidelity analysis on daily basis
Fast and educated triage of results to categorize and prioritize issues
Accurate Data
Precise actions based on comprehensive data analysis
Trusted Data
Organizational ‘Heat Map’
Gain executive level visibility into risk
Across teams, projects and components
Common usage scenarios
Increase development testing adoption and ROI
Metrics to track adoption
•  Daily unique users
•  Monthly unique users
•  Issues introduced
•  Issues resolved
•  And many others …
Common usage scenarios
Improve time to market
Early visibility into issues
•  Outstanding issue count
•  Resolved issue count
•  Outstanding issue by impact
•  Defect density
•  And many others …
Common usage scenarios
Mitigate risk
Establish a stage gate with risk metrics
•  Defect density
•  Outstanding issues by impact
•  Test policy violations
•  And many others …
Coverity Development Testing Platform
Security
Advisor
Test
Advisor
Analysis Packs
Coverity SAVE™
Static Analysis Verification Engine
SDLC
Integrations
Policy Manager
Quality
Advisor
Architecture
Analysis
Dynamic
Analysis
Java
FindBugs™
Analysis
Analysis
Integration
Toolkit
Coverity Connect
Test
Execution
Third Party
Metrics
Build/
Continuous
Integration
HP ALM
IDE
Code
Coverage
Defect
Tracking
SCM
Three Step Process to Development Testing
Analyze: Accurately detect issues difficult to find through traditional testing
Remediate: Quickly and efficiently manage issues to resolution
Govern: Enforce a consistent standard for quality, security and testing
Analysis Foundation: Coverity SAVE®
Static Analysis Verification Engine
Award-winning analysis engine with patented techniques based on a decade of R&D and analysis of over 5 billion lines of proprietary and open source code
Interprocedural Data Flow
Boolean Satisfiability
Global Data Flow
Change Impact Analysis
Accurate Compilation
False Positive Intelligence
White Box Fuzzer
Enterprise Framework Analyzer
Proprietary Code | Open Source Code
Statistical Analysis
Language Idioms And Design Patterns
Coverity Connect: Collaborative Issue Mgmt.
Connecting… Issues, Developers, Workflow
Manage defects and untested code violations in a single interface and with a robust repository
Collaborate across distributed teams with an enterprise framework
Manage issues within your standard SDLC
Remediate Critical Quality Defects
Leveraging a Robust Issue Management Repository
Prioritize and filter based on impact
Identify the exact path to the defect
Automatically assign defects to owners
Automatically identify every occurrence of a defect across branches
CWE compatible mapping and knowledge base
Analyze and Remediate Defects From Within the Eclipse or Visual Studio IDE
Coverity: Leader in Development Testing
Customers
•  Over 1,100 customers (5.0B LOC under mgmt)
•  18 of top 20 sw/hw firms
•  10 of 10 A&D Firms
•  8 of 10 Telecom
•  4 of 5 Security Firms
•  4 of 5 Exchanges
•  ‘Gate’ (mandate) across supply chain for many of the products that you use today!
•  300 open source projects
Financial
•  Fastest growing company in the sector
•  Record revenue growth 3+ years in a row
•  Almost three times the market share of the nearest vendor - VDC
•  Backing from Benchmark Capital and Foundation Capital
Company
•  Founded in 2003 at Stanford University Research Lab
•  DHS Standard - Open Source Scan (14B LOC)
•  #1 in software quality analysis - IDC (2012)
•  #1 in Development Testing (transformation) – Voke 2012
•  300 employees, 11 offices, 10 countries
Technical Leadership
•  Andy Chou, CTO & Founder
•  Dr. Dawson Engler, Prof Stanford University, Grace Murray Hopper Award (2009)
•  Dr. Andreas Kuehlmann, Prof Cal, Past President of EDA Council of IEEE
•  Over a dozen patents
•  CODiE Award finalist 2013 best security solution
•  CODiE Award winner 2012 best software development solution
Over 1,100 of the World’s Leading Brands use Coverity
Thank You
India Office Address :
Coverity (India) Pvt Ltd.,
Level 14, Concorde Towers
UB City, #1, Vittal Mallya Road
Bangalore – 560 001
Tel: +91 80 6759 0494
Mob: +91 98801 66186
eMail : rmathur@coverity.com

 
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
 
How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure
 
Achieving Software Safety, Security, and Reliability Part 2
Achieving Software Safety, Security, and Reliability Part 2Achieving Software Safety, Security, and Reliability Part 2
Achieving Software Safety, Security, and Reliability Part 2
 
Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?
 
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
 
What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4
 
Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison
 

Kürzlich hochgeladen

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Kürzlich hochgeladen (20)

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

[India Merge World Tour] Coverity

  • 1.
  • 2. Coverity Development Testing: Accelerating Risk Mitigation through Continuous Integration and Development Testing. Raj Mathur, Country Manager, Coverity India
  • 3. “Software is Eating the World” - Marc Andreessen. Software: Health, Financial, Communications, SCM / Logistics, Enterprise, Mobile, Automotive. 81% of business leaders believe technology is a fundamental element of their business model. Over 60 million tablets and 175 million smart phones will be in the workplace by the end of 2012. By 2016, open source software will be included in mission-critical applications within 99% of Global 2000 enterprises.
  • 4.
  • 5. Our Value: Development Testing is transforming software development by: Reducing operational costs; Accelerating development and time to market; Protecting brands from catastrophic failure.
  • 6. Why All the Risk? Software Complexity and Speed Have Outpaced Legacy Testing Methods. [Figure labels: Development Testing; Software Complexity; Time to Market; Testing Methods: Security Testing, Functional Testing, Performance Testing, Manual Testing]
  • 7. Our Mission and Passion: Moving Quality, Security and Testing to the Left. Fewer defects escape dev. [Figure labels: Design; Development; QA + Security Audit; Deployment; 5x cost; 10x cost; 30x cost]
  • 8. Transformation Maturity Model. Axes: Development Testing Adoption; Integration into SDLC. Level 1, Automatic Defect Detection: Detection of critical quality and security defects as part of SW build process. No new defects introduced. Level 2, Identification of Residual Risk: Identification of areas of risk caused by insufficient automated testing. Ensure critical code is prioritized and tested. Level 3, Developer Workflow Optimization: Integration into the existing SDLC using a common workflow for all defects and test effectiveness issues. Level 4, Code Governance: Establish and enforce consistent source code quality and security policies. Establish source code acceptance criteria. Level 5, Enterprise Code Assurance: All legacy defects eliminated, build fails if new defects are introduced. All critical code and code impacted by change is tested.
  • 9. How Static Analysis Works. Build: Mimics the behavior of dozens of compilers; Integrates with existing build systems. Analyze: Statically tests all execution paths; Finds defects and inconsistent coding patterns. Present & Manage: Explains the location and root cause of defects; Manage and share triage of defects across teams.
  • 10. High Quality Results. Meaningful, real results: Focus on finding real defects, not style violations or superficial issues. Over 12 years of experience analyzing open source and commercial code. Industry-leading low false positive rate: False positive rates typically below 15%. False positives waste time, hinder adoption, and reduce trust in the results. Broadest Checker Library + Deepest Algorithms: Optimal balance of breadth, depth, and scalability to large code bases. Confidential: For Coverity and Partner use only. Copyright Coverity, Inc., 2011
  • 11. We Find Critical Defects. Tomcat Webserver 5.5.17: Open source server for web applications. Among several hundred defects, we found a “reverse lock bug” that can lead to deadlock of the entire server. Very rare event; very hard to find with traditional testing.
  • 13. Risk Mitigation. “In my critical code, each component whose behavior was modified (directly or indirectly) in the last release must be 100% tested (excluding error-handling).” Organization Defines a Test Policy; Test Advisor Evaluates Test Policy; Developers Get Actionable Work Items. Existing Coverity Static Analysis Engine + New Tools that we Built. Consistent UI.
  • 14. Risk Mitigation Architecture. Test Advice: Actionable work items to address risk due to inadequate testing. Test Policy Evaluation: Critical code analysis; Change impact analysis; Test execution analysis. Test Monitoring; Code Ownership and Change History; Static Code Analysis; Customized Test Policy. For Coverity and Partner use only. Copyright Coverity, Inc., 2012
  • 15. Automate testing within the inner loop of development. Writes code; Creates unit test; Analyzes code; Fixes critical issues. Interprocedural quality and security defects; New tests required because of change impact. Source Control Management System; Centralized build is generated; Assigned back to appropriate developer; New issues are found. Prioritized defects; Prioritized tests.
  • 16. Integration into development workflow: IDE | Defect tracking | SCM | Build/CI | ALM. Analysis Accuracy: Proven false positive rate of less than 10% on codebases over 1M lines of code. Remediation Guidance: Show path to defect and fix guidance in context of developer’s code; patent-pending security remediation engine. Performance and Scale: Proven scale on codebases up to 100M; Analysis runs in minutes to hours vs. days to weeks. The industry’s first developer-friendly software testing platform. “Coverity enables developers to produce secure code and gives developers a more positive attitude about addressing security, while ultimately leads to fixing defects.” -Gerold Hubner, Chief Product Security Officer at SAP
  • 17. The Workflow (For illustration only – other workflow integrations possible). [Diagram labels: Development; Code Check In; Nightly/Continuous Build; QA; Product Release & Management; Static Analysis Results. Bullets: Desktop Analysis, Review defects, Prioritize actions, Make fixes, Track progress; Functional Testing, Performance Testing, Stress Testing, Integration Testing; Security Audits, Product Release Management]
  • 18. Issue Responsibility Is Critical
  • 19. Ingredients for Success. Code; Build; Test; Nightly Build; Continuous Integration; High-Fidelity Code Compilation; High-Performance Analysis; Low False Positive Rate; Detecting Critical Defects; Easy Defect Navigation and Comprehension; Comprehensive Triage and Remediation Management; Visibility and Governance; Team Collaboration.
  • 20. Ingredients for Success. Code; Build; Test; Nightly Build; Continuous Integration; High-Fidelity Code Compilation; High-Performance Analysis; Low False Positive Rate; Detecting Critical Defects; Easy Defect Navigation and Comprehension; Comprehensive Triage and Remediation Management; Visibility and Governance; Team Collaboration; Developer Adoption; Workflow Integration; Management Oversight.
  • 21. Governance with Metrics. Automated high-fidelity analysis on daily basis. Fast and educated triage of results to categorize and prioritize issues. Accurate Data. Precise actions based on comprehensive data analysis. Trusted Data.
  • 22. Organizational ‘Heat Map’. Confidential: For Coverity and Partner use only. Copyright Coverity, Inc., 2013
  • 23. Gain executive level visibility into risk across teams, projects and components
  • 24. Common usage scenarios. Increase development testing adoption and ROI. Metrics to track adoption: Daily unique users; Monthly unique users; Issues introduced; Issues resolved; And many others …
  • 25. Common usage scenarios. Improve time to market. Early visibility into issues: Outstanding issue count; Resolved issue count; Outstanding issue by impact; Defect density; And many others …
  • 26. Common usage scenarios. Mitigate risk. Establish a stage gate with risk metrics: Defect density; Outstanding issues by impact; Test policy violations; And many others …
  • 27. Coverity Development Testing Platform. [Diagram labels: Security Advisor; Test Advisor; Analysis Packs; Coverity SAVE™ Static Analysis Verification Engine; SDLC Integrations; Policy Manager; Quality Advisor; Architecture Analysis; Dynamic Analysis; Java FindBugs™ Analysis; Analysis Integration Toolkit; Coverity Connect; Test Execution; Third Party Metrics; Build/Continuous Integration; HP ALM; IDE; Code Coverage; Defect Tracking; SCM]
  • 28. Three Step Process to Development Testing. Analyze: Accurately detect issues difficult to find through traditional testing. Remediate: Quickly and efficiently manage issues to resolution. Govern: Enforce a consistent standard for quality, security and testing.
  • 29. Analysis Foundation: Coverity SAVE® Static Analysis Verification Engine. Award-winning analysis engine with patented techniques based on a decade of R&D and analysis of over 5 billion lines of proprietary and open source code. Interprocedural Data Flow; Boolean Satisfiability; Global Data Flow; Change Impact Analysis; Accurate Compilation; False Positive Intelligence; White Box Fuzzer; Enterprise Framework Analyzer; Statistical Analysis; Language Idioms And Design Patterns. Proprietary Code | Open Source Code.
  • 30. Coverity Connect: Collaborative Issue Mgmt. Connecting… Issues: Manage defects and untested code violations in a single interface and with a robust repository. Developers: Collaborate across distributed teams with an enterprise framework. Workflow: Manage issues within your standard SDLC.
  • 31. Remediate Critical Quality Defects Leveraging a Robust Issue Management Repository. Prioritize and filter based on impact. Identify the exact path to the defect. Automatically assign defects to owners. Automatically identify every occurrence of a defect across branches. CWE compatible mapping and knowledge base.
  • 32. Analyze and Remediate Defects From Within the Eclipse or Visual Studio IDE
  • 33. Coverity: Leader in Development Testing. Customers: Over 1,100 customers (5.0B LOC under mgmt); 18 of top 20 sw/hw firms; 10 of 10 A&D Firms; 8 of 10 Telecom; 4 of 5 Security Firms; 4 of 5 Exchanges; ‘Gate’ (mandate) across supply chain for many of the products that you use today!; 300 open source projects. Financial: Fastest growing company in the sector; Record revenue growth 3+ years in a row; Almost three times the market share of the nearest vendor - VDC; Backing from Benchmark Capital and Foundation Capital. Company: Founded in 2003 at Stanford University Research Lab; DHS Standard - Open Source Scan (14B LOC); #1 in software quality analysis - IDC (2012); #1 in Development Testing (transformation) – Voke 2012; 300 employees, 11 offices, 10 countries. Technical Leadership: Andy Chou, CTO & Founder; Dr. Dawson Engler, Prof Stanford University, Grace Murray Hopper Award (2009); Dr. Andreas Kuehlmann, Prof Cal, Past President of EDA Council of IEEE; Over a dozen patents; CODiE Award finalist 2013 best security solution; CODiE Award winner 2012 best software development solution.
  • 34. Over 1,100 of the World’s Leading Brands use Coverity
  • 35. Thank You. India Office Address: Coverity (India) Pvt Ltd., Level 14, Concorde Towers, UB City, #1, Vittal Mallya Road, Bangalore – 560 001. Tel: +91 80 6759 0494. Mob: +91 98801 66186. eMail: rmathur@coverity.com