Klocwork Unveils Static Analysis Debug Tool

Klocwork last week announced the debut of a new static analysis tool that aims to ensure quality and security in the code development process, both at the level of the desktop and organization wide.

The new Klocwork Insight product is a "second generation" static analysis tool, according to Gwyn Fisher, Klocwork's CTO. It goes beyond just the mechanics of tracking missing semicolons and brackets.

As second-generation technology, Insight represents a step forward in terms of the kinds of bugs that can be found, Fisher explained.

"Instead of worrying about code structure and coding practice, now it's worrying about where we are leaking memory, where are we going to be vulnerable, where are going to use memory that's already been freed," he said.

Those kinds of problems typically are found during the traditional compiler-link build phase, Fisher said, although static analysis happens without actually compiling code.

"It's very analogous to compiling," he said. "We call it compiling, as do many of our competitors."

Another feature of Insight is that it is designed to meet the needs of a software development lifecycle.

"The real key invention here--and this is patent pending for the Insight release--is the ability to take the analysis that is performed centrally (i.e., modeling the entire software project, the entire system) and projecting down to each individual developer sufficient knowledge from that central model," Fisher said.

As a consequence, developers responsible for a small component of the project can still understand what is going on as they "step up outside of that small component by a function call or dereferencing a function point or whatever they happen to be doing," Fisher explained.

Development managers can use Insight to understand how individual developers, groups of developers and organizations of developers are doing. Insight has a reporting, trending, and metrics management environment exposed through an AJAX-enabled Web portal, which gives managers a graphical view of the project's code-based health, Fisher said.

The product also enables collaboration on bugs, providing a "continuous feedback loop for educational purposes," he added, and facilitating role-based security and policy-based control.

Insight also lets developers build their own checkers using a declarative language that's heavily influenced by XPath. "You can state what kinds of behavior you are looking for in a very simple query-oriented manner," Fisher said.

Klocwork Insight is priced by developer, starting at $25,000, which includes one server and five developer seats; additional developer seats beyond that cost $2,750, according to Brendan Harrison, Klocwork's director of marketing. The product is currently available in two versions, one for C/C++ and one for Java.

Harrison said that Klocwork was founded in 2001 and currently has more than 250 professional developer customers, spanning various industries, including telecom, aerospace, finance and insurance, among others.

"That number grew by 100 over the last 12 months, so we're definitely on a good trajectory in terms of growth rate," Harrison added.

Further information on Klocwork Insight is available here.

About the Author

Kurt Mackie is online news editor, Enterprise Group, at 1105 Media Inc.

Featured

  • three main icons—a cloud, a user profile, and a padlock—connected by circuit lines on a blue abstract background

    Report: Identity Has Become a Critical Security Perimeter for Cloud Services

    A new threat landscape report points to new cloud vulnerabilities. According to the 2025 Global Threat Landscape Report from Fortinet, while misconfigured cloud storage buckets were once a prime vector for cybersecurity exploits, other cloud missteps are gaining focus.

  • two large brackets facing each other with various arrows, circles, and rectangles flowing between them

    1EdTech Partners with DXtera to Support Ed Tech Interoperability

    1EdTech Consortium and DXtera Institute have announced a partnership aimed at improving access to learning data in postsecondary and higher education.

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • illustration of a football stadium with helmet on the left and laptop with ed tech icons on the right

    The 2025 NFL Draft and Ed Tech Selection: A Strategic Parallel

    In the fast-evolving landscape of collegiate football, the NFL, and higher education, one might not immediately draw connections between the 2025 NFL Draft and the selection of proper educational technology for a college campus. However, upon closer examination, both processes share striking similarities: a rigorous assessment of needs, long-term strategic impact, talent or tool evaluation, financial considerations, and adaptability to a dynamic future.