PVS-Studio

What is PVS-Studio?

PVS-Studio is a SAST solution that helps enhance code quality, security, and safety. The analyzer detects bugs and potential vulnerabilities in C, C++, C#, and Java code on Windows, Linux, and macOS.

Features

• Supports various analysis types (intermodular, incremental, data flow analysis, taint analysis);

• Can be used offline;
• Provides cross-platform integration;
  
• Offers ways to handle false positives;
  
• Helps small and large teams maintain code quality.

Pros

• Quick and high-quality support from the analyzer developers;
• 900+ diagnostic rules with detailed descriptions and examples;
  
• Compliance with safety and security standards: OWASP TOP 10, MISRA C, C++, AUTOSAR, CWE;
• Detailed reports and reminders for developers and managers (Blame Notifier);
• User-friendly ways to handle legacy code, including mass suppression of analyzer’s warnings;
• Support of the Open Source Community, analysis of open-source projects;
  
• Integration with SonarQube.
  

Pricing

• In the commercial version, prices are set on request and can be changed depending on the required set of features;
• Free trial is available;
• PVS-Studio may offer a free licensing option to students, MVPs, public experts in security, and contributors to open-source projects.