We performed a comparison between Checkmarx One and Coverity based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx."
"It is a stable product."
"We use the solution for dynamic application testing."
"The value you can get out of the speedy production may be worth the price tag."
"It has all the features we need."
"The UI is very intuitive and simple to use."
"The user interface is excellent. It's very user friendly."
"The report function is the solution's greatest asset."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"It's very stable."
"The features I find most valuable is that our entire company can publish the analysis results into our central space."
"We were very comfortable with the initial setup."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"It is a scalable solution."
"It has the lowest false positives."
"Micro-services need to be included in the next release."
"The interactive application security testing, or IAST, the interactive part where you're looking at an application that lives in a runtime environment on a server or virtual machine, needs improvement."
"One area for improvement in Checkmarx is pricing, as it's more expensive than other products."
"Checkmarx could be improved with more integration with third-party software."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"I really would like to integrate it as a service along with the SAP HANA Cloud Platform. It will then be easy to use it directly as a service."
"We have received some feedback from our customers who are receiving a large number of false positives."
"As the solution becomes more complex and feature rich, it takes more time to debug and resolve problems. Feature-wise, we have no complaints, but Checkmarx becomes harder to maintain as the product becomes more complex. When I talk to support, it takes them longer to fix the problem than it used to."
"It should be easier to specify your own validation routines and sanitation routines."
"We'd like it to be faster."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"The quality of the code needs improvement."
"Its price can be improved. Price is always an issue with Synopsys."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"Reporting engine needs to be more robust."
"It would be great if we could customize the rules to focus on critical issues."
Checkmarx One is ranked 3rd in Application Security Testing (AST) with 67 reviews while Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews. Checkmarx One is rated 7.6, while Coverity is rated 7.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Coverity writes "Best SAST tool to check software quality issues". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Mend.io, whereas Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Veracode and Polyspace Code Prover. See our Checkmarx One vs. Coverity report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.