We performed a comparison between Coverity and GitHub Code Scanning based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."It provides reports about a lot of potential defects."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"The solution effectively identifies bugs in code."
"The features I find most valuable is that our entire company can publish the analysis results into our central space."
"The solution has improved our code quality and security very well."
"The product has deeper scanning capabilities."
"The interface of Coverity is quite good, and it is also easy to use."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"We use GitHub Code Scanning mostly for source code management."
"Some features are not performing well, like duplicate detection and switch case situations."
"The setup takes very long."
"Coverity is not stable."
"The quality of the code needs improvement."
"The product should include more customization options. The analytics is not as deep as compared to SonarQube."
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."
"SCM integration is very poor in Coverity."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"GitHub Code Scanning should add more templates."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while GitHub Code Scanning is ranked 20th in Application Security Testing (AST) with 1 review. Coverity is rated 7.8, while GitHub Code Scanning is rated 10.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of GitHub Code Scanning writes "A highly stable solution that can be used for source code management". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas GitHub Code Scanning is most compared with SonarCloud, SonarQube and Polaris Software Integrity Platform.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.