(btw the dip above is caused by a publish to coveralls that I did by mistake (only a subset of the tests where running at the time))
I really think that a high level of CC (Code Coverage) is fundamental piece of the puzzle when developing secure applications.
And although a high level of code coverage DOES NOT mean that an app is secure, I'm more and more convinced that low coverage means that the app is highly insecure (i.e. with high code coverage there is at least the possibility that the app is secure (and it can be properly tested for security issues))
Here is some thoughts about this I have been posting on Twitter over the past month: