CodeSonar

CodeSonar

CodeSecure
Splint

Splint

University of Virginia
+
+

Related Products

  • Aikido Security
    232 Ratings
    Visit Website
  • EZO AssetSonar
    113 Ratings
    Visit Website
  • Parasoft
    148 Ratings
    Visit Website
  • TrustInSoft Analyzer
    6 Ratings
    Visit Website
  • Feroot
    31 Ratings
    Visit Website
  • Gearset
    305 Ratings
    Visit Website
  • JetBrains Junie
    12 Ratings
    Visit Website
  • Google Cloud Run
    347 Ratings
    Visit Website
  • DbVisualizer
    580 Ratings
    Visit Website
  • EasySend
    28 Ratings
    Visit Website

About

CodeSonar employs a unified dataflow and symbolic execution analysis that examines the computation of the complete application. By not relying on pattern matching or similar approximations, CodeSonar's static analysis engine is extraordinarily deep, finding 3-5 times more defects on average than other static analysis tools. Unlike many software development tools, such as testing tools, compilers, configuration management, etc., SAST tools can be integrated into a team's development process at any time with ease. SAST technologies like CodeSonar simply attach to your existing build environments to add analysis information to your verification process. Like a compiler, CodeSonar does a build of your code using your existing build environment, but instead of creating object code, CodeSonar creates an abstract model of your entire program. From the derived model, CodeSonar’s symbolic execution engine explores program paths, reasoning about program variables and how they relate.

About

Splint is developed and maintained by the Secure Programming Group at the University of Virginia Department of Computer Science. David Evans is the project leader and the primary developer of Splint. David Larochelle developed the memory bounds checking. University of Virginia students Chris Barker, David Friedman, Mike Lanouette and Hien Phan all contributed significantly to the development of Splint. Splint is the successor to LCLint, a tool originally developed as a joint research project between the Massachusetts Institute of Technology and Digital Equipment Corporation's System Research Center. David Evans was the primary designed and developer of LCLint. John Guttag and Jim Horning had the original idea for a static checking tool for detecting inconsistencies between LCL specifications and their C implementations. They provided valuable advice on its functionality and design and were instrumental in its development.

Platforms Supported

Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook

Platforms Supported

Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook

Audience

Development teams interested in a Static Application Security Testing (SAST) solution

Audience

Development teams interested in a Static Application Security Testing (SAST)

Support

Phone Support
24/7 Live Support
Online

Support

Phone Support
24/7 Live Support
Online

API

Offers API

API

Offers API

Screenshots and Videos

Screenshots and Videos

No images available

Pricing

No information available.
Free Version
Free Trial

Pricing

No information available.
Free Version
Free Trial

Reviews/Ratings

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Reviews/Ratings

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Training

Documentation
Webinars
Live Online
In Person

Training

Documentation
Webinars
Live Online
In Person

Company Information

CodeSecure
United States
www.grammatech.com/products/source-code-analysis

Company Information

University of Virginia
Founded: 2007
United States
splint.org

Alternatives

Alternatives

david3

david3

Tobit Software
Flawnter

Flawnter

CyberTest
MB&G MobileMap

MB&G MobileMap

Mason Bruce & Girard
SonarQube Server

SonarQube Server

SonarSource
Oscar

Oscar

Oscar McMaster
SonarQube Cloud

SonarQube Cloud

SonarSource
david.net

david.net

2R Software GmbH

Categories

Categories

Integrations

C
C++
AWS GovCloud
Amazon Web Services (AWS)
Android
C#
CodeSentry
Docker
GitHub
GitLab
Go
JavaScript
Jenkins
Jira
Python
Qlik Sense
Rust
Seeker
Visual Studio
Visual Studio Code

Integrations

C
C++
AWS GovCloud
Amazon Web Services (AWS)
Android
C#
CodeSentry
Docker
GitHub
GitLab
Go
JavaScript
Jenkins
Jira
Python
Qlik Sense
Rust
Seeker
Visual Studio
Visual Studio Code
Claim CodeSonar and update features and information
Claim CodeSonar and update features and information
Claim Splint and update features and information
Claim Splint and update features and information