News

Compuware launches two new software quality products

• By Linda L. Briggs
• January 26, 2005

Compuware Corp. has launched two new products as part of its DevPartner product line--Fault Simulator and SecurityChecker.

DevPartner Fault Simulator is a development and quality assurance tool that can test and debug error-handling code in both native and .NET managed code. According to the company, the software safely injects simulated faults into the application code without disrupting the operation or debugging environment. The simulator "tricks" the target application into believing a fault is present so that the reaction can be monitored.

DevPartner SecurityChecker 1.0 is a security analysis tool for finding and fixing security vulnerabilities in ASP.NET applications. The product offers three modes of analysis, including compile-time, run-time, and integrity analysis.

SecurityChecker automatically locates security vulnerabilities, then categorizes them by severity. The product provides a description, contextual information and a suggested repair for each vulnerability. Developers can drill down on each problem description, which is hyperlinked to the actual method or line of source code, and make the repair.

According to Tom Zwonarz, a technical architect with security consultancy Telindus Group NV in Belgium, the product is “very easy to use, with a user interface that integrates nicely within Microsoft Visual Studio .NET.”

Zwonarz, who was a beta-tester and plans to install the released product in a production environment, installed the software on top of Microsoft Visual Studio.NET 2003 (VS.NET 2005 is not yet supported). Although he’s familiar with safe coding practices, Zwonarz said, "the tool comes up with a lot of warnings that I wasn't even aware of... When I [ran it] on a new empty .NET project, I was amazed to see a long list of things that are by default opened by Microsoft."

"In my opinion," Zwonarz said, "this tool can replace sending a development team to a five-day training course about code access security."

Fault Simulator costs $6,000 per concurrent user; SecurityChecker costs $12,000 per concurrent user. Volume discounts are available for both products.

A 14-day evaluation copy of SecurityChecker is available by visiting Compuware’s Web site. (Mike Gunderloy recently reviewed SecurityChecker in ADTmag.com’s Developer Central blog: http://www.adtmag.com/blogs/devcentral/blog.asp?id=10450<>)