Coverity vs GitLab comparison

Read 86 GitLab reviews

19,204 Views
2,881 Comparison Views

97% willing to recommend

Coverity

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Coverity and GitLab compete in code analysis and development. GitLab has an edge due to robust features and support, though Coverity's specific strengths attract some users.

Features: Coverity offers in-depth static analysis capabilities, accurate bug detection, and integration with development workflows. GitLab provides extensive CI/CD capabilities, version control, and a collaborative development environment that enhances productivity.

Room for Improvement: Coverity might improve its setup process and scanning speeds, while GitLab could enhance performance metrics and reduce resource consumption. Coverity could also work on its user experience, whereas GitLab needs performance optimization.

Ease of Deployment and Customer Service: Coverity's deployment is technically demanding, but the support team receives positive feedback. GitLab, with straightforward deployment and accessible support, eases the installation process and maintains reliable service.

Pricing and ROI: Coverity's higher pricing makes cost justification important, while GitLab's competitive pricing aligns with its feature set, driving positive ROI perceptions.

To learn more, read our detailed Coverity vs. GitLab Report (Updated: September 2025).

Coverity vs. GitLab

Download the complete report

Helped 867,370 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Coverity

Ranking in Static Application Security Testing (SAST)

4th

Average Rating

7.8

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

No ranking in other categories

GitLab

Ranking in Static Application Security Testing (SAST)

7th

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Application Security Tools (11th), Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (11th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (1st)

Mindshare comparison

As of September 2025, in the Static Application Security Testing (SAST) category, the mindshare of Coverity is 6.3%, down from 7.1% compared to the previous year. The mindshare of GitLab is 2.4%, down from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST) Market Share Distribution
Product	Market Share (%)
Coverity	6.3%
GitLab	2.4%
Other	91.3%

Static Application Security Testing (SAST)

Featured Reviews

Jaile Sebes

Senior Software Architect at Siemens Industry

Resolving critical software issues demands faster implementation and better integration

We use Coverity primarily to find issues such as software bugs and memory leaks, especially in C++ and C# projects. It helps us identify deadlocks, synchronization issues, and product crashes Coverity has been instrumental in resolving product crashes by detecting various issues like deadlocks.…

Read full review

Rohit Kesharwani

Manager, Engineering at 7-Eleven

Improved agility and time to market with CI/CD enhancements

The CI/CD pipelines in GitLab are highly valuable. Another important feature is the single source of repository, allowing efficient repository management and source code management. GitLab provides manageability by allowing us to manage source code effectively through separate repositories. Additionally, GitLab enables the creation of individual CI/CD pipelines for each repository, making software more agile. By integrating GitLab as a DevOps platform, we have enhanced agility, improved our time to market, and different teams can work collaboratively on various projects.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."

"Coverity provides excellent compliance and other features, which is a very good part."

"Coverity integrates with issue-tracking systems like Jira and provides email notifications, alerts, and other features."

"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."

"The security analysis features are the most valuable features of this solution."

"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."

"It provides reports about a lot of potential defects."

"It has the lowest false positives."

More Coverity pros

"CI/CD is valuable for me."

"The most valuable functionality of GitLab, for me, is the DevOps. Besides the normal source control based on Git, I find the Auto DevOps features most important in the solution."

"We like that we can have an all-encompassing product and don't have to implement different solutions."

"It is scalable."

"I have had no problem with the stability of the solution."

"They incorporate new features every September, and they have introduced their own code editor and AI features."

"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."

"It's a great toolbox where the CI/CD pipeline is the fundamental component, but there are so many other features that you can pull from, which makes it a very powerful tool. My current client is using AWS, and they can, of course, use AWS CodePipeline, but GitLab is much more mature than that, and it also gives you the freedom to decide to go to another platform or have a multi-cloud strategy and things like that. That freedom for me is also very valuable."

More GitLab pros

Cons

"SCM integration is very poor in Coverity."

"There should be additional IDE support."

"The solution is a bit complex to use in comparison to other products that have many plugins."

"Some features are not performing well, like duplicate detection and switch case situations."

"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."

"The solution's user interface and quality gate could be improved."

"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."

"Its price can be improved. Price is always an issue with Synopsys."

More Coverity cons

"GitLab can improve its user interface to make conflict resolution more user-friendly."

"The licensing model could be improved to be more accommodating in terms of user numbers and costs."

"Reporting could be improved."

"There was a problem with the build environment when we were looking at developing iOS applications. iOS build require Mac machines and there are no Mac machines provided by GitLab in their cloud. So to build for mobile iOS application, we needed to use our own Mac machine within our own infrastructure. If GitLab were to provide a feature such that an iOS application could also be built through GitLab directly, that would be great."

"The integration and storage capabilities could be better."

"GitLab can improve the integration with third-party applications. It could be made easier. Additionally, having API control from my application could be helpful."

"The solution does not have many built-in functions or variables so scripting is required."

"GitLab could improve the patch repository. It does not have support for Conan patch version regions. Additionally, better support for Kubernetes deployment is needed as part of the package."

More GitLab cons

Pricing and Cost Advice

"I would rate the pricing a six out of ten, where one is low, and ten is high price."

"I rate Coverity's price a ten on a scale of one to ten, where one is cheap and ten is expensive."

"The pricing is on the expensive side, and we are paying for a couple of items."

"The solution's pricing is comparable to other products."

"Offers varying prices for different companies"

"I would rate Coverity's pricing as a nine out of ten. It's already very expensive, and it's a problem for us to get more licenses due to the price. The pricing model has some good aspects - for example, a personal license gives access to all languages without code limitations, which is better than some competitors. However, it's still a lot of money for us to spend."

"The price is competitive with other solutions."

"This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."

More Coverity pricing and cost advice

"GitLab is cheap."

"In terms of the pricing for GitLab, on a scale of one to five, with one being expensive and five being cheap, I'm rating pricing for the solution a four. It could still be cheaper because right now, my company has a small team, and sometimes it's difficult to use a paid product for a small team. You'd hope the team will grow and scale, but currently, you're paying a high license fee for a small team. I'm referring to the GitLab license that has premium features and will give you all features. This can be a problem for management to approve the high price of the license for a team this small."

"Its price is fine. It is on the cheaper side and not expensive. You have to pay additionally for GitLab CI/CD minutes. Initially, we used the free version. When we ran out of GitLab minutes, we migrated to the paid version."

"It is very expensive. We can't bear it now, and we have to find another solution. We have a yearly subscription in which we can increase the number of licenses, but we have to pay at the end of the year."

"GitLab is an open-source solution."

"We are using its free version, and we are evaluating its Premium version. Its Ultimate version is very expensive."

"The solution is based on a licensing model that includes technical support and is paid annually."

"GitLab is a free solution to use."

More GitLab pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

867,370 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

32%

Computer Software Company

14%

Financial Services Firm

Government

Financial Services Firm

14%

Computer Software Company

13%

Government

11%

Manufacturing Company

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	6
Large Enterprise	31

By reviewers
Company Size	Count
Small Business	35
Midsize Enterprise	9
Large Enterprise	42

Questions from the Community

How would you decide between Coverity and Sonarqube?

We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...

What do you like most about Coverity?

The solution has improved our code quality and security very well.

What is your experience regarding pricing and costs for Coverity?

I do not know about the pricing.

What do you like most about GitLab?

I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.

What is your experience regarding pricing and costs for GitLab?

The pricing and cost are on par with other tools and are neither too expensive nor cheap.

What needs improvement with GitLab?

Regarding improvements, making task management is something that GitLab can potentially make easier, similar to what DevOps or Jira does.

SonarQube Server (formerly SonarQube) vs Coverity

Comparisons

Compared 41% of the time

Klocwork vs Coverity

Compared 8% of the time

Polyspace Code Prover vs Coverity

Compared 6% of the time

OpenText Core Application Security vs Coverity

Compared 6% of the time

Parasoft SOAtest vs Coverity

Compared 1% of the time

More Coverity Competitors

Microsoft Azure DevOps vs GitLab

Compared 34% of the time

GitHub CoPilot vs GitLab

Compared 14% of the time

TeamCity vs GitLab

Compared 5% of the time

Tekton vs GitLab

Compared 5% of the time

SonarQube Server (formerly SonarQube) vs GitLab

Compared 4% of the time

More GitLab Competitors

Product Reports

Coverity

Download Coverity product report

Download GitLab product report

Also Known As

Synopsys Static Analysis

Fuzzit

Overview

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports more than 20 languages and 200 frameworks and templates.

Black Duck

GitLab offers a secure and user-friendly platform for CI/CD pipeline management, code repository control, and collaboration, enhancing development speed and efficiency. It facilitates automation with extensive customization and tool integration, ideal for DevOps processes.

GitLab supports source code management, version control, and collaborative development. It's frequently used in CI/CD processes to automate builds and deployments while integrating DevOps practices. GitLab allows companies to manage repositories, automate pipelines, conduct code reviews, and maintain development lifecycles. The platform supports infrastructure and configuration management, enabling efficient code collaboration, deployment automation, and comprehensive repository handling. Many organizations commit and deploy developed code using GitLab's capabilities.

What are GitLab's most valuable features?

CI/CD Pipeline Management: Streamlines development through automated testing and deployment.
User-Friendly Interface: Ensures ease of collaboration and task automation.
Code Merging and Branching: Facilitates smooth code integration and version control.
Security Platform: Provides strong security features for safe development.
Tool Integration: Enhances functionality with diverse tool integration.

What benefits should users evaluate?

Development Speed: Accelerates processes through automation.
Collaboration Ease: Simplifies team interactions and workflow.
Customization Options: Offers extensive personalization for specific needs.
Comprehensive Documentation: Provides detailed guidance for users.
Secure Platform: Maintains integrity with robust security features.

In specific industries, GitLab serves as a backbone for source code management and CI/CD implementation. Companies leverage its capabilities for infrastructure management and deployment automation, thus streamlining project delivery timelines. Its ability to handle configuration management and code repositories effectively aids in maintaining development lifecycles, making it a preferred choice for organizations committed to enhancing their DevOps practices.

Sample Customers

SAP, Mega International, Thales Alenia Space

1. NASA 2. IBM 3. Sony 4. Alibaba 5. CERN 6. Siemens 7. Volkswagen 8. ING 9. Ticketmaster 10. SpaceX 11. Adobe 12. Intuit 13. Autodesk 14. Rakuten 15. Unity Technologies 16. Pandora 17. Electronic Arts 18. Nordstrom 19. Verizon 20. Comcast 21. Philips 22. Deutsche Telekom 23. Orange 24. Fujitsu 25. Ericsson 26. Nokia 27. General Electric 28. Cisco 29. Accenture 30. Deloitte 31. PwC 32. KPMG

Coverity vs. GitLab