Coverity vs Klocwork comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
21,996 views|15,656 comparisons
Perforce Logo
4,940 views|3,408 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Coverity and Klocwork based on real PeerSpot user reviews.

Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Coverity vs. Klocwork Report (Updated: November 2022).
655,465 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be.""The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution.""The app analysis is the most valuable feature as I know other solutions don't have that.""We were very comfortable with the initial setup.""The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time.""One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited.""Coverity is scalable."

More Coverity Pros →

"On-the-fly analysis and incremental analysis are the best parts of Klocwork. Currently, we are using both of these features very effectively.""The most valuable feature is the Incremental analysis.""Klocwork's most valuable feature is the static code analysis feature. It detects the potential problem earlier to allow the developer to receive feedback quickly and then address it before it becomes a problem.""There's a feature in Klocwork called 'on-the-fly analysis', which helps developers to find and fix the defects at the time of development itself.""Technical support is quite good.""The most valuable feature of Klocwork is finding defects while you're doing the coding. For example, if you have an IDE plug-in of Klocwork on Visual Studio or Eclipse, you can find the faults; similar to using spell check on Word, you can find out defects during the development phase, which means that you don't have to wait till the development is over to find the flaws and address the deficiencies. I also find language support in Klocwork good because it used to support only C, C++, C#, and Java, but now, it also supports Java scripts and Python."

More Klocwork Pros →

Cons
"We'd like it to be faster.""When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material.""Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker.""Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code.""Coverity is not stable.""The solution could use more rules.""Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."

More Coverity Cons →

"Every update that we receive requires of us a lengthy and involved process.""What needs improvement in Klocwork, compared to other products in the market, is the dashboard or reporting mechanisms that need to be a bit more flexible. The Klocwork dashboard could be improved. Though it's good, it's not as good as some of the other products in the market, which is a problem. The reporting could be more detailed and easier to sort out because sorting in Klocwork could be a bit more time-consuming, mainly when sorting defects based on filters, compared to how it's done on other tools such as Coverity.""Klocwork has to improve its features to stay ahead of other free solutions.""Modern languages, such as Angular and .NET, should be included as a part of Klocwork. They have recently added Kotlin as a part of their project, but we would like to see more languages in Klocwork. That's the reason we are using Coverity as a backup for some of the other languages.""This solution could be improved if they offered support of more languages including Ada and Golang. They currently only support seven languages.""I believe it should support more languages, such as Python and JavaScript."

More Klocwork Cons →

Pricing and Cost Advice
  • "Coverity is very expensive."
  • "This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."
  • More Coverity Pricing and Cost Advice →

  • "When it comes to licensing, the solution has two packages, one for a fixed and the other for a floating server, with the former being more cost effective than the latter."
  • "Licensing fees are paid annually, but they also have a perpetual license."
  • "There are other solutions on the market such as Microsoft Visual Studio. They have been adding more static code analysis features that come for free. It is getting better all the time. That is one of the possibilities is that we've been considering that we may stop using the Klocwork because it doesn't give us any added value."
  • "This solution offers competitive pricing."
  • "The pricing for Klocwork is very competitive if you compare it from apple to apple. It has competitive pricing regarding the licensing model and the per-license cost. Klocwork isn't a high-end investment for anyone deploying it; even SMBs can afford it. The Klocwork cost per user would depend on the license type, so I'm unable to mention a ballpark figure because it would depend on the type of installation and how the deployment will be, and the nodes to give an accurate calculation or figure. The total price depends on the package, so my company could never publish pricing for Klocwork on the website. My team first collects information from potential clients on the deployment scenario, project environment, etc., before suggesting a package for Klocwork. My rating for Klocwork in terms of pricing is a five because of its flexible license models. There's a license model for every type of organization, whether small, midsize, or enterprise, so it's a five out of five for me."
  • More Klocwork Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    655,465 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    Top Answer:We were very comfortable with the initial setup.
    Top Answer:It is an expensive solution. Their sales team is very arrogant. I don't like their licensing mechanism. Everything is on very unfriendly terms. There are other tools you can use that are free and… more »
    Top Answer:There's a feature in Klocwork called 'on-the-fly analysis', which helps developers to find and fix the defects at the time of development itself.
    Top Answer:This solution could be improved if they offered support of more languages including Ada and Golang. They currently only support seven languages. In a future release, we would like to have architecture… more »
    Ranking
    Views
    21,996
    Comparisons
    15,656
    Reviews
    7
    Average Words per Review
    525
    Rating
    7.9
    Views
    4,940
    Comparisons
    3,408
    Reviews
    5
    Average Words per Review
    576
    Rating
    8.2
    Comparisons
    Also Known As
    Synopsys Static Analysis
    Learn More
    Overview

    Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. 

    Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

    Klocwork detects security, safety, and reliability issues in real-time by using this static code analysis toolkit that works alongside developers, finding issues as early as possible, and integrates with teams, supporting continuous integration and actionable reporting.

    Offer
    Learn more about Coverity
    Learn more about Klocwork
    Sample Customers
    MStar Semiconductor, Alcatel-Lucent
    ACCESS Co Ltd, Risk-AI, Winbond Electronics, Bristol-Myers Squibb Pharmaceutical Research Institute, University of Southern California, Alebra Technologies, SIMULIA, Risk Management Solutions, Brigham Young University, SRD, HRL
    Top Industries
    REVIEWERS
    Manufacturing Company22%
    Computer Software Company22%
    Media Company11%
    Government11%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Manufacturing Company21%
    Comms Service Provider9%
    Financial Services Firm5%
    REVIEWERS
    Manufacturing Company29%
    Engineering Company14%
    Non Tech Company14%
    Transportation Company14%
    VISITORS READING REVIEWS
    Manufacturing Company21%
    Computer Software Company21%
    Comms Service Provider8%
    Government6%
    Company Size
    REVIEWERS
    Small Business17%
    Midsize Enterprise17%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise11%
    Large Enterprise75%
    REVIEWERS
    Small Business59%
    Midsize Enterprise6%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise12%
    Large Enterprise73%
    Buyer's Guide
    Coverity vs. Klocwork
    November 2022
    Find out what your peers are saying about Coverity vs. Klocwork and other solutions. Updated: November 2022.
    655,465 professionals have used our research since 2012.

    Coverity is ranked 9th in Application Security Testing (AST) with 7 reviews while Klocwork is ranked 10th in Application Security Testing (AST) with 6 reviews. Coverity is rated 7.8, while Klocwork is rated 8.2. The top reviewer of Coverity writes "Broad integration capacity and works with more languages than some competitors". On the other hand, the top reviewer of Klocwork writes "Lets you find defects during the development phase, so you don't have to wait till the development is over to find and address flaws". Coverity is most compared with SonarQube, Veracode, Checkmarx, Micro Focus Fortify on Demand and Fortify Application Defender, whereas Klocwork is most compared with SonarQube, Veracode, Polyspace Code Prover, Checkmarx and Parasoft SOAtest. See our Coverity vs. Klocwork report.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.