Parasoft dotTEST

Parasoft® dotTEST™ is an integrated Development Testing solution for automating a broad range of testing best practices proven to improve development team productivity and software quality. dotTEST also seamlessly integrates with Parasoft SOAtest, which enables end-to-end functional and load testing for complex distributed applications and transactions.


Static Analysis

  • Broad support for languages and standards: Security | C/C++ | Java | .NET | FDA | Safety-critical
  • Static analysis tool industry leader since 1994
  • Simple out-of-the-box integration into your SDLC
  • Prevent and expose defects via multiple analysis techniques
  • Find and fix issues rapidly, with minimal disruption
  • Integrated with Parasoft's suite of development testing capabilities, including unit testing, code coverage analysis, and code review

Code Coverage Analysis

  • Track coverage during unit test execution and the data merge with coverage captured during functional and manual testing in Parasoft Development Testing Platform to measure true test coverage.
  • Integrate with coverage data with static analysis violations, unit testing results, and other testing practices in Parasoft Development Testing Platform for a complete view of the risk associated with your application
  • Achieve test traceability to understand the impact of change, focus testing activities based on risk, and meet compliance objectives.
Parasoft Unit Testing Results Dashboard

Unit Testing

  • Unit testing industry leader since 1997
  • Rapidly build a high-coverage test suite
  • Easily extend and customize generated tests
  • Expose functional problems and crash-causing defects
  • Remove barriers to creating/maintaining robust test suites
  • Integrated with static analysis, code review — more
Traceability for standards compliance


Bidirectional requirements traceability with Parasoft

  • Take control of requirements definition, management and testing
  • Link requirements with code, code changes, code analysis, manual and automated tests
  • Prevent unexpected changes and regression
  • Satisfy industry standard requirements, such as FDA, DO-178C and ISO 26262.

Supported environments

Coding Standards

MS Secure Coding Standards

Automate the application of Microsoft's Secure Coding Guidelines, which compliment the software security constructs that are a part of the .NET Framework.

PCI DSS Compliance

Parasoft's unique automated infrastructure unobtrusively drives the development process to help you achieve Payment Card Industry Data Security Standards (PCI DSS) compliance.

DISA STIG Compliance

Ensure that your development processes and resulting code meet the Defense Information System Agency's (DISA) Security Technical Information Guides (STIG), which defines how applications should be developed to meet the U.S. governments cybersecurity standards.

CWE Compliance

Parasoft supports the Common Weakness Enumeration (CWE) guidelines with dedicated code analysis configurations that map to best practices outlined in the standard.

OWASP Compliance

Automate the implementation and monitoring of coding best practices outlined in the Open Web Application Security Project (OWASP) guidelines.

Coding Standards Compliance with Parasoft

Parasoft’s code analysis monitors whether code meets uniform expectations around security, reliability, performance, and maintainability. We provide a foundation for producing solid code by exposing structural errors and preventing entire classes of errors. An automated framework is provided to ensure consistency across development languages, development teams, and third-party partners. Parasoft uses a blended approach to implementing coding standards that includes:
  • prevention patterns
  • bug detection patterns
  • code metrics patterns
  • runtime error detection

Reduce Noise with Process Intelligence

Parasoft merges analysis results with data generated throughout the development lifecycle to deliver meaningful, actionable information. This enables you to eliminate false positives, pinpoint business risk in the code, and incrementally improve processes that result in more faster delivery without affecting quality.

Types of Defects Detected

  • API usage errors
  • Best practice coding errors
  • Build system issues
  • Buffer overflows
  • Class hierarchy inconsistencies
  • Code maintainability issues
  • Concurrent data access violations
  • Control flow issues
  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Deadlocks
  • Error handling issues
  • Hard-coded credentials
  • Incorrect expression
  • Insecure data handling
  • Integer handling issues
  • Integer overflows
  • Memory – corruptions
  • Memory – illegal accesses
  • Null pointer dereferences
  • Path manipulation
  • Performance inefficiencies
  • Program hangs
  • Race conditions
  • Resource leaks
  • Rule violations
  • Security best practices violations
  • Security misconfigurations
  • SQL Injection
  • Uninitialized members

Custom Messages

Increase Productivity and Software Quality

Prevent, expose, and correct errors to ensure that .NET code (including C#, VB.NET, ASP.NET and Managed C++ ) works as expected. To promote rapid remediation, detected errors are prioritized based on your policy, automatically assigned to the developer who wrote the related code, and distributed to his or her IDE with direct links to the code and a description of how to fix it. Deep seamless integrates with open source platforms, bug tracking systems, requirements management systems, custom iterations and other infrastructure components.
Increase Productivity and Software Quality

Automate Code Analysis for Compliance

Define rule sets using your own custom rules, as well 400+ built-in rules that cover Microsoft’s .NET Framework Design Guidelines, CLS Compliance, Object Oriented Metrics, Security, and more. dotTEST also checks for many code issues that cannot be identified by IL-level analysis (e.g., formatting issues, empty blocks, misuse of operators, etc.). Custom IL-level and C# rules can also enforce specific project, compliance, and organizational requirements and prevent the recurrence of application-specific defects after a single instance has been found.
Automate Code Analysis for Compliance

Identify Runtime Bugs without Executing Software

Parasoft’s data flow analysis detects runtime errors without requiring the software to actually be executed. This enables early and effortless detection of critical runtime errors that might otherwise take weeks to find. Defects detected include NullReferenceExceptions, ArgumentNullExceptions, resource leaks, division by zero, dereferencing before checking for null, SQL injections, XSS, and other security vulnerabilities.

Unit, Integration, and Regression Testing

Automatically execute tests and validate the functional behavior of the code. Test cases can check function responses to unexpected inputs, exposing potential reliability problems. A multi-metric coverage analyzer helps users gauge the efficacy and completeness of tests, as well as demonstrate compliance with test and validation requirements. Parasoft also facilitates the development of a robust regression test suite that detects if incremental code changes break existing functionality.


Trane Static Analysis & Unit Testing Case Study

Trane decided to migrate their legacy systems to C++ and .NET to enable more rapid and agile responses to business demands. Discover how Parasoft reduced the learning curve, helped them ensure code met uniform expectations around reliability, performance, and maintainability, and helped them achieve nearly 100% coverage on unit tests.
Download »

Wipro Development Testing Case Study

To remain competitive, Wipro needed a more efficient and cost-effective way to maintain the exceptional quality standards that they pride themselves on. Find out how an automated testing infrastructure helped them achieve their quality objectives while reducing testing time and effort by 25%.
Download »

Static Analysis Maturity Model

Discover how to set realistic expectations for adopting Static Analysis. This maturity model details the five levels of adoption to help make informed decisions about the right static analysis strategy for your organization.
Download »

Unit Testing Best Practices

Explains how unit testing can help your team rapidly modify code with confidence—and how to get started as painlessly as possible.
Download »

BUSTED! How to Find Security Bugs Fast!

In this on-demand webinar, we’ll discuss how busting software bugs does more than ensure the reliability and performance of your software—it helps ensure application security.
Watch »

How to Avoid Security Vulnerabilities with Static Analysis

This Power Hour Webinar explores how to implement static analysis as a mechanism for preventing defects. You’ll learn how to leverage security standards (OWASP, PCI DSS, & CWE) and evolve development policies from static analysis findings.
Watch »