Klocwork Java Static Code Analyzer
September 9, 2020

Klocwork 2020.3 Introduces Greatly Enhanced C# and Java Analysis Engines

Static Analysis
Security & Compliance

By

The latest version of Klocwork features a number of significant improvements that greatly enhance the SAST tool’s performance and functionality — ensuring that your software is secure, reliable, and compliant. Here is an overview of the most impactful enhancements to Klocwork.

Klocwork 2020.3 — Enhanced C# and Java Analysis Engine

Klocwork 2020.3 features an improved C# and Java analysis engine with broader language support, improved accuracy, and new defect detection. The new release also features the following notable improvements:

  • C# analysis engine provides greater accuracy with a 33%* increase to defect detection and provides the ability to write custom syntactic and interprocedural data-flow rules.
  • Java analysis engine provides 130% greater accuracy with a 2.5%* increase to defect detection and broader framework coverage.
  • New and expanded security coding standard coverage and vulnerability checks for CWE, CERT, and PCI DSS.
  • New DevOps Integrations
    • Klocwork Jenkins Plugin — Setup a security testing pipeline easily.
    • Klocwork CLion IDE Plugin — Shift defect detection to your desktop.
  • Introduction of the Klocwork Community — A framework for our users and professional services team to help shape the future of our coding standard coverage.

 (*Based on internally benchmarked OSS projects.)

Klocwork C# Demo
Klocwork Java Demo

Klocwork 2020.3 — Improved DevSecOps Functionality

The new release includes expanded security standard coverage and enhancements that enable users to identify and fix security vulnerabilities earlier in the software development lifecycle.

In addition, Klocwork makes automated security testing easy with integrations for development and DevOps tools — enabling developers to run an analysis anywhere. This includes support for desktop IDEs, CI/CD pipelines, containers, cloud build systems, and machine provisioning.

A defining feature of Klocwork is that it has been designed to integrate seamlessly with CI/CD pipelines to automate Continuous Compliance — safeguarding software from vulnerabilities with each commit. An integral part of this process is Klocwork’s Differential Analysis, which delivers developers fast results by analyzing only the files that changed — providing them with the shortest analysis times.

Why Choose Klocwork

The improvements introduced in Klocwork 2020.3 have helped solidify Klocwork as the most accurate and precise SAST tool for DevSecOps across all embedded software development industries.

To learn more about all the new enhancements to Klocwork, visit What’s New in Klocwork. And, if you want to see the latest version of Klocwork in action, register for a free trial.

➡️ Klocwork free trial

 

Related Resources

Stuart Foster headshot.

Stuart Foster

Klocwork and Helix QAC Product Manager, Perforce

Stuart Foster has over 17 years of experience in mobile and software development. He has managed product development of consumer apps and enterprise software. Currently, he manages Klocwork and Helix QAC, Perforce’s market-leading code quality management solutions. He believes in developing products, features, and functionality that fit customer business needs and helps developers produce secure, reliable, and defect-free code. Stuart holds a bachelor’s degree in information technology, interactive multimedia and design from Carleton University, and an advanced diploma in multimedia design from the Algonquin College of Applied Arts and Technology.