Coverity vs Fortify Software Security Center comparison

Black Duck and OpenText are both solutions in the Static Application Security Testing (SAST) category. Black Duck is ranked #4 with an average rating of 8.0, while OpenText is ranked #26 with an average rating of 8.3. Black Duck holds a 7.5% mindshare in SAST, compared to OpenText’s 0.4% mindshare. Additionally, 88% of Black Duck users are willing to recommend the solution, compared to 100% of OpenText users who would recommend it.

Coverity

Read 42 Coverity reviews

11,969 Views
8,281 Comparison Views

88% willing to recommend

Fortify Software Security C...

Read 6 Fortify Software Security Center reviews

437 Views
319 Comparison Views

100% willing to recommend

Coverity

Fortify Software Security C...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Fortify Software Security Center and Coverity are leading competitors in the software security solutions category. Fortify appears to have an edge in data comparisons, primarily due to pricing and support, while Coverity stands out with comprehensive features, offering significant value despite its higher cost.

Features: Fortify Software Security Center is noted for its comprehensive integration with development tools, strong vulnerability detection capabilities, and broad tool integration. Coverity is valued for its precise static analysis, ease of integration in multiple environments, and superior static analysis precision.

Room for Improvement: Fortify Software Security Center users pinpoint excessive false positives as a critical improvement area, along with a need for better detection accuracy and updates. Users of Coverity seek enhanced scalability, faster analysis times, and improved process efficiency.

Ease of Deployment and Customer Service: Fortify Software Security Center is easy to deploy, with supportive customer service guiding users through processes. Coverity has streamlined deployment and responsive service, though complex configurations can be challenging for some users.

Pricing and ROI: Fortify Software Security Center is perceived as cost-effective, offering a solid ROI, appealing to budget-conscious buyers. Coverity, although more expensive, is justified by high ROI, driven by its advanced and reliable features.

To learn more, read our detailed Coverity vs. Fortify Software Security Center Report (Updated: April 2025).

Buyer's Guide

Coverity vs. Fortify Software Security Center

April 2025

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Coverity

Ranking in Static Application Security Testing (SAST)

4th

Average Rating

7.8

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Fortify Software Security C...

Ranking in Static Application Security Testing (SAST)

26th

Average Rating

7.8

Reviews Sentiment

8.3

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2025, in the Static Application Security Testing (SAST) category, the mindshare of Coverity is 7.5%, up from 6.6% compared to the previous year. The mindshare of Fortify Software Security Center is 0.4%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST)

Featured Reviews

Md. Shahriar Hussain

Information Security Analyst at Banglalink

Offers impressive reporting features with user-friendliness and high scalability

The solution can be easily setup but requires heavy integration due to the multiple types of port and programming languages involved. Comparing the resource requirements of the solution I would say it can be installed effortlessly. I would rate the initial setup an eight out of ten. A professional needs some pre-acquired knowledge to manage Coverity's deployment process, but the local solution partners provide support well enough for trouble-free deployment. The overall deployment process of Coverity took around two and a half hours in our organization. The deployment duration depends upon the operating system and resources including high-end RAM and CPU processors.

Read full review

Jonathan Steyn

Principal Technical Consultant at EOH

Comprehensive vulnerability analysis and customization features with decent pricing

Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances. WebInspect supports a number of APIs and web endpoints. I find its feature of macro recording allows for testing vulnerabilities during multi-factor authentication sessions very valuable. I appreciate the ability to further analyze data with tools like Audit Workbench.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Provides software security, and helps to find potential security bugs or defects."

"It's pretty stable. I rate the stability of Coverity nine out of ten."

"In my opinion, the most effective Coverity feature for identifying critical vulnerabilities is the extra checks, which offers deep analysis."

"The security analysis features are the most valuable features of this solution."

"It's very stable."

"The most valuable feature is the integration with Jenkins."

"Coverity is easy to set up and has a less lengthy process to find vulnerabilities."

"Coverity is easy to use and easy to integrate with CI."

More Coverity pros

"Fortify Analytics' AI function helps scan and provides more detailed explanations and recommendations about vulnerabilities."

"The overall rating for this tool is ten out of ten."

"The reporting is very useful because you can always view an entire list of the issues that you have."

"You can easily download the tool's rule packs and update them."

"This is a stable solution at the end of the day."

"I like the explanation of issues provided by Fortify Software Security Center."

"Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances."

Cons

"Some features are not performing well, like duplicate detection and switch case situations."

"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."

"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."

"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."

"There is an extra step in my organization that involves uploading to servers, which adds overhead."

"The solution is a bit complex to use in comparison to other products that have many plugins."

"The product should include more customization options. The analytics is not as deep as compared to SonarQube."

"Sometimes, vulnerabilities remain unidentified even after setting up the rules."

More Coverity cons

"Fortify Software Security Center's setup is really painful."

"Improvements needed for Software Security Center include better aggregation views of datasets."

"This solution is difficult to implement, and it should be made more comfortable for the end-users."

"Improvements needed for Software Security Center include better aggregation views of datasets."

"I am not satisfied with the percentage of false positives, which is around eighteen percent."

"We are having issues with false positives that need to be resolved."

"The product's overlap feature is restrictive and requires more customization efforts, which can be expensive."

Pricing and Cost Advice

"The solution's pricing is comparable to other products."

"This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."

"Offers varying prices for different companies"

"The licensing fees are based on the number of lines of code."

"Coverity is very expensive."

"It is expensive."

"Depending on the usage types, one has to opt for different types of licenses from Coverity, especially to be able to use areas like report viewing or report generation."

"I would rate Coverity's pricing as a nine out of ten. It's already very expensive, and it's a problem for us to get more licenses due to the price. The pricing model has some good aspects - for example, a personal license gives access to all languages without code limitations, which is better than some competitors. However, it's still a lot of money for us to spend."

More Coverity pricing and cost advice

"The solution is priced fair."

"As a Fortify partner company providing technical support, I find the product expensive in our country, where local, inexpensive products are available."

"This is a costly solution that could be cheaper."

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

33%

Computer Software Company

14%

Financial Services Firm

Government

Manufacturing Company

20%

Financial Services Firm

16%

Computer Software Company

12%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

How would you decide between Coverity and Sonarqube?

We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...

See all answers

What do you like most about Coverity?

The solution has improved our code quality and security very well.

See all answers

What is your experience regarding pricing and costs for Coverity?

I do not know about the pricing.

See all answers

What do you like most about Micro Focus Software Security Center?

You can easily download the tool's rule packs and update them.

See all answers

What is your experience regarding pricing and costs for Micro Focus Software Security Center?

In the beginning, it was difficult for me to verify that our usage of Fortify Software Security Center corresponded to the license and criteria. Now, we have negotiated a number of details to respe...

See all answers

What needs improvement with Micro Focus Software Security Center?

I would like the false positive issue to diminish. I have experienced a lot of false positives, but I think this is due to using an older version. I hope the new version will resolve my problem.

See all answers

Comparisons

SonarQube Server (formerly SonarQube) vs Coverity

Compared 50% of the time

Klocwork vs Coverity

Compared 7% of the time

Fortify on Demand vs Coverity

Compared 6% of the time

Veracode vs Coverity

Compared 5% of the time

Polyspace Code Prover vs Coverity

Compared 5% of the time

More Coverity Competitors

Fortify on Demand vs Fortify Software Security Center

Compared 57% of the time

Acunetix vs Fortify Software Security Center

Compared 43% of the time

More Fortify Software Security Center Competitors

Product Reports

Buyer's Guide

Coverity

April 2025

Download Coverity product report

Buyer's Guide

Static Application Security Testing (SAST)

April 2025

Download Fortify Software Security Center product report

Also Known As

Synopsys Static Analysis

Micro Focus Software Security Center, Application Security Center, HPE Application Security Center, WebInspect

Overview

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports more than 20 languages and 200 frameworks and templates.

Black Duck

Software Security Center enables management, development, and security teams to work together to triage, track, validate, automate, and manage software security activities.

OpenText

Sample Customers

SAP, Mega International, Thales Alenia Space

Neosecure, Acxiom, Skandinavisk Data Center A/S, Parkeon

Buyer's Guide

Coverity vs. Fortify Software Security Center

April 2025

Free Report: Coverity vs. Fortify Software Security Center

Find out what your peers are saying about Coverity vs. Fortify Software Security Center and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,028 professionals have used our research since 2012.

See our Coverity vs. Fortify Software Security Center report.

See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.