This article can also be found in the Premium Editorial Download "Information Security magazine: Five crucial virtualization do's and don'ts."
Price: Starts at $25,875 (five user licenses, one build server license)
Klocwork Insight is a source code analysis product that helps automate security vulnerability and quality risk analysis, remediation and measurement. It employs more than 200 different techniques for identifying software flaws for C, C++ and Java.
This kind of tool is increasingly important, as very few people are capable of analyzing and, most importantly, fixing software security flaws.
The installation is difficult for a user of any type, requiring several different modules and server components to be installed or loaded prior to use. Plan to spend time on training. The upside to the initial learning curve is scalability and flexibility for large, hybrid or segregated development environments.
Licensing can be centrally managed across multiple teams and updated in seconds via a quick change of the license file. MySQL is utilized as the backend database and can be configured at will, making it easy to schedule backups, modify the default schema, or integrate Insight into other products such as Microsoft SharePoint or BMC Remedy Service Desk. All aspects of the Web interface and server are configurable, as it runs atop Apache Tomcat.
Klocwork supports most development environments and can be installed on a range of *nix and Windows OSes.
This was first published in June 2008