We performed a comparison between Coverity and Digital.ai Application Security based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"The app analysis is the most valuable feature as I know other solutions don't have that."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"It's very stable."
"It has the lowest false positives."
"Coverity is quite stable and we haven’t had any issues or any downtime."
"It is a scalable solution."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"I used the tool to prepare for the interview as a Business Developer. It helped me improve my understanding on software security."
"I would like to see integration with popular IDEs, such as Eclipse."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker."
"SCM integration is very poor in Coverity."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"The setup takes very long."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."
"I would like the tool to integrate AI and automation that is dedicated to detecting software vulnerabilities."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while Digital.ai Application Security is ranked 36th in Application Security Tools with 1 review. Coverity is rated 7.8, while Digital.ai Application Security is rated 6.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Digital.ai Application Security writes "Helps to improve knowledge on software security ". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Digital.ai Application Security is most compared with SonarQube, PortSwigger Burp Suite Professional and Fortify Application Defender.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.