CodeSonar vs Polyspace Code Prover comparison

Cancel
You must select at least 2 products to compare!
Veracode Logo
45,825 views|26,935 comparisons
GrammaTech Logo
2,746 views|1,927 comparisons
MathWorks Logo
2,053 views|1,489 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between CodeSonar and Polyspace Code Prover based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Mend and others in Application Security Tools.
To learn more, read our detailed Application Security Tools Report (Updated: November 2022).
653,757 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pricing and Cost Advice
  • "Veracode is expensive. Some of its products are expensive. I don't think it's way more expensive than its competitors. The dynamic is definitely worth it, as I think it's cheaper than the competitors. The static scan is a little bit more expensive, around 20 percent more expensive. The manual pen test is more expensive, but it is an expensive service because it's a manual pen test and we also do retests. I don't think it is way more expensive than the competitors, but it's about 15 to 20 percent more expensive."
  • "We use this product per project rather than per developer... Your development model will really determine what the best fit is for you in terms of licensing, because of the project-based licensing. If you do a few projects, that's more attractive. If you have a large number of developers, that would also make the product a little more attractive."
  • "The pricing is really fair compared to a lot of other tools on the market."
  • "It is very reasonably priced compared to what we were paying our previous vendor. For the same price, we are getting much more value and reducing our AppSec costs from 40 to 50 percent."
  • "Veracode is one of the more expensive solutions in the market, but it is worth the expense because of the eLearning and the security consultations; everything is included in the license."
  • "Licensing cost is on a yearly basis and there are no additional costs, the pricing is straightforward."
  • "From a cost perspective, it seems okay, although we will probably evaluate alternatives next time it's up for renewal because for us, it's a relatively high cost, and we want to make sure that we are using our resources most appropriately."
  • "The pricing is a little on the high side but since we combine our product into one suite, it is easy to do and works well for us."
  • More Veracode Pricing and Cost Advice →

  • "The solution's price depends on the number of licenses needed and the source code for the project."
  • More CodeSonar Pricing and Cost Advice →

    Information Not Available
    report
    Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
    653,757 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis… more »
    Top Answer:The findings of their security analysis are wonderful. You can easily go through all the analyses done by Veracode. You… more »
    Top Answer:The UI could be better. Also, there are some scenarios where there is no security flaw, but the report indicates that… more »
    Top Answer:What I like best about CodeSonar is that it has fantastic speed, analysis and configuration times. Its detection of all… more »
    Top Answer:I don't have knowledge on the licensing costs for CodeSonar because that part is handled by the sales team. I'm in the… more »
    Top Answer:In terms of areas for improvement, the use case for CodeSonar was good, but compared to other tools, it seems CodeSonar… more »
    Ask a question

    Earn 20 points

    Comparisons
    Learn More
    MathWorks
    Video Not Available
    Overview

    Veracode covers all your Application Security needs in one solution through a combination of five analysis types; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Unlike on-premise solutions that are hard to scale and focused on finding rather than fixing, Veracode comprises a unique combination of SaaS technology and on-demand expertise that enables DevSecOps through integration with your pipeline, and empowers developers to find and fix security defects.

    GrammaTech enables organizations to develop software applications more efficiently, on-budget, and on-schedule by helping to eliminate harmful defects that can cause system failures, enable data breaches, and ultimately increase corporate liabilities in today’s connected world. GrammaTech is the developer of CodeSonar, the most powerful source and binary code analysis solution available today. Extraordinarily precise, CodeSonar finds, on average, 2 times more serious defects in software than other static analysis solutions. Designed for organizations with zero tolerance for defects and vulnerabilities in their applications, CodeSonar provides static analysis for applications where reliability and security are paramount - widely used by software developers in avionics, medical, automotive, industrial control, and other mission-critical applications. Some of GrammaTech's customers include Toyota, GE, Hyundai, Kawasaki, LG, Lockheed Martin, NASA, Northrop Grumman, Panasonic, and Samsung.

    Polyspace Code Prover is a sound static analysis tool that proves the absence of overflow, divide-by-zero, out-of-bounds array access, and certain other run-time errors in C and C++ source code. It produces results without requiring program execution, code instrumentation, or test cases. Polyspace Code Prover uses semantic analysis and abstract interpretation based on formal methods to verify software interprocedural, control, and data flow behavior. You can use it on handwritten code, generated code, or a combination of the two. Each operation is color-coded to indicate whether it is free of run-time errors, proven to fail, unreachable, or unproven.

    Offer
    Keep your software secure

    Application security starts with secure code. Find out more about the benefits of using Veracode to keep your software secure throughout the development lifecycle.

    Learn more about CodeSonar
    Learn more about Polyspace Code Prover
    Sample Customers
    State of Missouri, Rekner
    Viveris, Micrel Medical Devices, Olympus, SOFTEQ, SONY
    Alenia Aermacchi, CSEE Transport, Delphi Diesel Systems, EADS, Institute for Radiological Protection and Nuclear Safety, Korean Air, KOSTAL, Miracor, NASA Ames Research Center
    Top Industries
    REVIEWERS
    Financial Services Firm31%
    Insurance Company11%
    Computer Software Company11%
    Healthcare Company7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Financial Services Firm15%
    Comms Service Provider10%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Manufacturing Company15%
    Government11%
    Comms Service Provider11%
    VISITORS READING REVIEWS
    Manufacturing Company20%
    Computer Software Company20%
    Transportation Company8%
    Comms Service Provider8%
    Company Size
    REVIEWERS
    Small Business24%
    Midsize Enterprise27%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise13%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise10%
    Large Enterprise75%
    Buyer's Guide
    Application Security Tools
    November 2022
    Find out what your peers are saying about Sonar, Veracode, Mend and others in Application Security Tools. Updated: November 2022.
    653,757 professionals have used our research since 2012.

    CodeSonar is ranked 13th in Application Security Tools with 4 reviews while Polyspace Code Prover is ranked 25th in Application Security Tools. CodeSonar is rated 8.6, while Polyspace Code Prover is rated 0.0. The top reviewer of CodeSonar writes "Nice interface, quick to deploy, and easy to expand". On the other hand, CodeSonar is most compared with SonarQube, Coverity, Fortify Static Code Analyzer, Klocwork and Qualys Web Application Scanning, whereas Polyspace Code Prover is most compared with SonarQube, Coverity, Klocwork, Checkmarx and Mend.

    See our list of best Application Security Tools vendors.

    We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.