CERT C:2016
Full support of CERT C:2016, a secure coding standard developed by the SEI to eliminate vulnerabilities and undefined behaviors in C code.
Individual |
Project |
Enterprise |
|
|---|---|---|---|
|
Deployment Restrictions
|
|||
| Works in virtualized environments (such as VMS, Docker) and is not locked to a specific machine. | - |
.png?width=23&height=23&name=Untitled%20design%20(5).png){kind=small}
|
|
| Can be integrated into CI/CD environments. | - |
|
|
| Compatible with development environments that are disconnected from the internet (i.e Air-gapped) | - | - |
|
|
Tool Capabilities
|
|||
| Advanced Code Analysis – Can analyze C/C++ code even with non-standard syntax, commonly found in embedded projects. |
|
|
|
| Cross-Platform Compatibility – Available for Windows, Linux, Mac, BSD, and various other OS environments. |
|
|
|
| IDE Integration – Supports Visual Studio, VScode, Eclipse, CLion, Qt Creator, C++ Builder, and many other C/C++ IDEs. |
|
|
|
| C++ Standards Support – Fully supports C++11, C++14, C++17, and partially supports C++20. |
|
|
|
| Comprehensive Code Checkers – Includes an expanding set of checkers for undefined behavior and other hazardous coding patterns. |
|
|
|
| Bug-Hunting Mode – "Soundy" analysis mode helps identify hard-to-find bugs discovered during testing. |
|
|
|
|
Support & Documentation
|
|||
| Access to support |
Standard
|
Prioritized
|
Prioritized
|
| Access to our enterprise support portal | - | - |
|
| Online onboarding | None | Onboarding Only | Onboarding + Configuration Support |
|
Standards & Compliance
|
|||
| Support for safety standards such as MISRA C 2023, MISRA C++ 2008, MISRA C++ 2023, AUTOSAR C++ 2014 | - |
|
|
| Support of security standards such as CWE Top 25, CERT C 2016 and CERT C++ 2016 | - |
|
|
| Compliance Reports – Available for all supported safety and security standards. | - |
|
|
| TÜV SÜD Certification – Independently certified for safety and security. Covers IEC 61508, ISO 26262, and EN 50128, making it applicable to other standards like IEC 62304 (contact us for details). | - | *available on request at additional cost | *available on request at additional cost |
Individual |
Project |
Enterprise |
|
|---|---|---|---|
|
Deployment Restrictions
|
|||
| Works in virtualized environments (such as VMS, Docker) and is not locked to a specific machine. | - |
|
|
| Can be integrated into CI/CD environments. | - |
|
|
| Compatible with development environments that are disconnected from the internet (i.e Air-gapped) | - | - |
|
|
Tool Capabilities
|
|||
| Advanced Code Analysis – Can analyze C/C++ code even with non-standard syntax, commonly found in embedded projects. |
|
|
|
| Cross-Platform Compatibility – Available for Windows, Linux, Mac, BSD, and various other OS environments. |
|
|
|
| IDE Integration – Supports Visual Studio, VScode, Eclipse, CLion, Qt Creator, C++ Builder, and many other C/C++ IDEs. |
|
|
|
| C++ Standards Support – Fully supports C++11, C++14, C++17, and partially supports C++20. |
|
|
|
| Comprehensive Code Checkers – Includes an expanding set of checkers for undefined behavior and other hazardous coding patterns. |
|
|
|
| Bug-Hunting Mode – "Soundy" analysis mode helps identify hard-to-find bugs discovered during testing. |
|
|
|
|
Support & Documentation
|
|||
| Access to support |
Standard
|
Prioritized
|
Prioritized
|
| Access to our enterprise support portal | - | - |
|
| Online onboarding | None | Onboarding Only | Onboarding + Configuration Support |
|
Standards & Compliance
|
|||
| Support for safety standards such as MISRA C 2023, MISRA C++ 2008, MISRA C++ 2023, AUTOSAR C++ 2014 | - |
|
|
| Support of security standards such as CWE Top 25, CERT C 2016 and CERT C++ 2016 | - |
|
|
| Compliance Reports – Available for all supported safety and security standards. | - |
|
|
| TÜV SÜD Certification – Independently certified for safety and security. Covers IEC 61508, ISO 26262, and EN 50128, making it applicable to other standards like IEC 62304 (contact us for details). | - | *available on request at additional cost | *available on request at additional cost |
CERT C++:2016
Full support of CERT C++:2016, a set of secure coding standards developed by the SEI to eliminate undefined behaviors and common vulnerabilities in C++ code.
CWE Top 25
The CWE Top 25 is a list of the most dangerous and widespread software weaknesses, maintained by MITRE and widely used as a benchmark for software security. Cppcheck maps its findings to CWE identifiers, helping our customers understand and prioritize the vulnerabilities in their code against this industry-recognized standard
ISO/IEC TS 17961
ISO/IEC TS 17961 is an international standard defining rules for secure coding in C, aimed at eliminating dangerous constructs that lead to vulnerabilities and undefined behavior. Cppcheck's support for this standard gives our customers a internationally recognized framework for writing safer C code.
ISO 27001:2022 compliance
ISO/IEC 27001 is the internationally recognized standard for information security management, and Cppcheck's compliance demonstrates our commitment to protecting customer data and maintaining rigorous security practices throughout our operations.