Risk
5/15/2013
05:54 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Coverity Reports More Than 30 Percent Year-Over-Year Growth For H1 2013

Announced its financial results for the first half of fiscal year 2013

SAN FRANCISCO, May 15, 2013 /PRNewswire/ -- Coverity, Inc., the leader in development testing, today announced its financial results for the first half of fiscal year 2013. The company experienced more than a 30% increase in revenue compared to the first half of fiscal year 2012, and added more than 80 new customer accounts in the first half of fiscal year 2013, as a result of rapid industry adoption of development testing.

"Our growth over the past two quarters is indicative of the fact that every company - be it a new startup or a 100 year-old Fortune 500 company - is becoming a software company to some degree," said Anthony Bettencourt, chairman and chief executive officer for Coverity. "Development testing is no longer a 'nice to have' for these companies, but an accepted organizational best practice to ensure reliable, high-quality, secure software code. Companies that don't adopt development testing will face a competitive disadvantage as they race to launch and support their software-enabled innovations."

Key growth drivers for Coverity include:

-- Rapid Adoption within Java Development Teams: As the need for

high-quality, secure Java applications continues to grow, organizations

from all industries - from financial services and e-commerce to mobile

and networking - are requiring enterprise-class development testing

solutions to manage both software quality and security. The company also

expanded its free Coverity Scan(TM) service to support the growing

number of open source Java projects and has begun working with Hudson

Server, Eclipse Code Recommender and Apache Cassandra, among others.

-- Growing Importance of Addressing Security in Development: The company's

Security Research Laboratory published the first release of its software

development research, Fixing XSS: A Practical Guide for Developers, and

launched the Coverity Security Library, an open source project available

through GitHub, which enables developers to quickly remediate cross-site

scripting defects in Java web applications. Coverity also joined the

Financial Services Information Sharing and Analysis Center (FS-ISAC) to

further promote development testing practices among the nation's leading

banking, finance and security firms, and to help protect the U.S.

financial services sector critical infrastructure from security threats.

-- Proliferation of Open Source: The company released its fifth annual

Coverity Scan Open Source Report, which has become a widely accepted

standard for measuring the state of open source software quality. Today,

the Coverity Scan service supports more than 250 active projects, with

more than 600 active developers. Coverity also joined the Eclipse

Foundation and now offers a Hudson plugin that integrates with projects

hosted by the Eclipse Foundation, enabling them to access the Scan

service in their development workflow.

-- Product Innovation: The company released version 6.5 of the Coverity®

Development Testing Platform, including Coverity Security Advisor and

Coverity Test Advisor. These innovations empower developers to address

security issues while code is being written and understand the impact of

code changes, enabling them to focus unit testing time and resources on

the most critical parts of the code. Coverity Security Advisor was a

finalist for the SIIA Software CODiE award for best security solution

and for the SC Awards Europe for security innovation. Coverity was also

named a Deloitte "Technology Fast 500" company.

About Coverity

Coverity, Inc., (www.coverity.com), the leader in development testing, is the trusted standard for companies that need to protect their brands and bottom lines from software failures. More than 1,100 Coverity customers use Coverity's development testing platform to automatically test source code for software defects that could lead to product crashes, unexpected behavior, security breaches or catastrophic failure. Coverity is a privately held company headquartered in San Francisco. Coverity is funded by Foundation Capital and Benchmark Capital. Follow us on Twitter or check out our blog.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.