We performed a comparison between CAST Highlight and Coverity based on real PeerSpot user reviews.
Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of CAST Highlight are automation and speed."
"The most valuable features of the CAST Highlight are the interface and there are three notations that are very simple to understand and communicate with."
"CAST Highlight is easy to use and has a good dashboard."
"It offers good performance."
"The way it tells you which codebase is more ready for the cloud and which codebase is less ready is very valuable. It works seamlessly with most languages."
"It has the lowest false positives."
"The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time."
"Provides software security, and helps to find potential security bugs or defects."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"Coverity is scalable."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be."
"There's a bit of a learning curve at the outset."
"The ease of configuration and customization could be improved in CAST Highlight."
"The reports that describe the issues of concern are rather abstract and the issues should be more clearly described to the user."
"Its price should be better. It is a pretty costly tool. They have two products: CAST Highlight and CAST AIP. I would expect CAST Highlight to have the Help dashboard and the Engineering dashboard. These dashboards are currently a part of CAST AIP, and if these are made available in CAST Highlight, customers won't have to use two different products all the time."
"CAST Highlight could improve to allow us to comment and do a deep analysis by ourselves."
"The quality of the code needs improvement."
"SCM integration is very poor in Coverity."
"We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a pain for developers. It has been difficult to integrate Coverity with our system."
"Coverity takes a lot of time to dereference null pointers."
"The solution's user interface and quality gate could be improved."
"Its price can be improved. Price is always an issue with Synopsys."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
CAST Highlight is ranked 10th in Software Composition Analysis (SCA) with 5 reviews while Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews. CAST Highlight is rated 7.8, while Coverity is rated 7.8. The top reviewer of CAST Highlight writes "Easy to set up with optimized and automated insights". On the other hand, the top reviewer of Coverity writes "Best SAST tool to check software quality issues". CAST Highlight is most compared with SonarQube, Checkmarx One, Snyk, Veracode and Tenable.io Web Application Scanning, whereas Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode. See our CAST Highlight vs. Coverity report.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
