Get the MOST EXTENSIVE coverage for MISRA C compliance! Learn More >>

Support
.NET Static Analysis

.NET Static Code Analysis

Powered by Parasoft dotTEST, the static analysis testing tool for .NET and C#

Request a Demo
Contact Us
Parasoft > Products > Parasoft dotTEST > .NET Static Analysis

C# and .NET Static Analysis With Parasoft dotTEST

Parasoft dotTEST verifies C# and VB.NET code quality and checks compliance with industry and security standards (such as OWASP, CWE, UL 2900 or PCI) by applying the most complete set of static analysis techniques to validate code and ensure defects are prevented at the earliest stage of the software development process.

How Does It Work?

Parasoft dotTEST provides the industry’s most comprehensive set of C# and .NET static analysis checkers that can be used to verify compliance with security standards, identify runtime problems early (i.e. null pointers, memory leaks, etc.), find code duplicates, and understand code complexity/structure to ensure your code is both reliable and maintainable.

Parasoft dotTEST uses multiple code parsing engines to analyze and gain deep understanding of the C# or .NET code in development, and applies over 900 different rules to quickly find critical violations in the code. The rules are prioritized and grouped into predefined configurations, allowing users to quickly understand and prioritize the analysis.

Static code analysis can be performed either in the IDE (Visual Studio) or using the command-line interface for automation and continuous integration scenarios. The results of the analysis can be accessed immediately within the IDE and from generated reports (HTML, PDF, XML) as well as being aggregated for further post-processing, reporting, and analytics from Parasoft’s award-winning Process Intelligence Engine.

As you scale across your team, dotTEST provides advanced capabilities for making C# and .NET static analysis a maintainable element of the development process by suppressing unwanted findings, prioritizing findings, assigning findings to developers, and more.

Request a Demo

Features

Detection of Runtime Problems Without Executing Code

Parasoft dotTEST identifies complex runtime problems early in the development stage, without the need to execute costly runtime tests. By analyzing execution paths through the code, dotTEST finds possible issues such as null pointer derefencing, division by zero, memory leaks, and more.

Parasoft dotTEST provides set of built-in rules for verifying compliance with standards. Such analysis is recommended/required for regulated industries (automotive, medical, financial etc.).

Parasoft dotTEST’s highly customizable code analysis enables organizations and teams to create and implement customized test configurations to only include rules that are relevant to the organization’s specific guidelines and coding standards. Test configurations and static analysis rules can be customized on the developer’s desktop, directly in the IDE, or on a centralized reporting server to help teams enforce the same development strategies across the organization.

Parasoft users can review static analysis results conveniently and effectively, in the IDE and on a centralized reporting server that connects to other testing activities and enables post-processing, dynamic reporting dashboards, and historical data and trends.

Parasoft dotTEST’s set of built-in rules can be further augmented by enabling NetAnalyzers rules in test configurations (more than 250 additional rules). Violations from NetAnalyzers can be reported in the same way as any other built-in rule violation – viewed in the UI and processed in the centralized reporting server.

Benefit From the Parasoft Approach

The Most Complete Security and Compliance Analysis for .NET

Security is the number one concern for today’s .NET applications. Whether the application is powering a medical device or driving an enterprise’s critical business workflows, it is necessary to ensure the code is secure and compliant with industry standards (such as OWASP and CWE). dotTEST provides the most complete security solution for .NET development teams, with both breadth of analysis and the reporting required to demonstrate compliance during audits.

Creating Efficient Team Workflows

Parasoft dotTEST seamlessly plugs into your team’s workflow, with an IDE integration that enables the developer to validate code before committing into source control, as well as command line automation, for validation and confirming compliance as part of the CI process. By centrally coordinating the configuration and communication of analysis in both IDE and CI, dotTEST is able to ensure that your team is on the same page, working as efficiently as possible.

A Complete View of Quality With Aggregation of Quality Practices

Parasoft dotTEST’s static analysis results are aggregated into Parasoft’s centralized reporting and analytics dashboard, with data from across your quality practices, from code analysis, through unit testing and automated functional testing of APIs and web applications, to complete coverage analysis. This not only provides a complete view of quality but enables the advanced analytics of Parasoft’s Process Intelligence Engine (PIE) that helps organizations accelerate with confidence.

Parasoft dotTEST Resources

Webinar Watch Time: 48 minutes
It’s 10 PM. Do You Know if Your Application Is Secure?
Blog Reading Time: 6 minutes
How to Build the Right Culture Within Your SQA Team
Webinar Watch Time: 40 minutes
Why Developer Advocacy Is the Key to Transforming Your DevOps Environment
Blog Reading Time: 7 minutes
Security Risks & Data Exposure: The OWASP Top 10 for 2021
Webinar Watch Time: 49 minutes
Why Static Analysis Isn’t Dead: It’s Our 1st Line of Defense
Blog Reading Time: 5 minutes
All About CWE: Common Weakness Enumeration
View All Resources

Take the Next Step

Learn how Parasoft dotTEST can improve your code quality and compliance.
Let's have a conversation.

Contact Us Today