We performed a comparison between Coverity and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution effectively identifies bugs in code."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"The features I find most valuable is that our entire company can publish the analysis results into our central space."
"It is a scalable solution."
"Provides software security, and helps to find potential security bugs or defects."
"The interface is easy to use."
"The solution is scalable."
"It can be used effectively for internal auditing."
"The reporting is quite intuitive, which gives you a clear indication of what kind of vulnerability you have that you can drill down on to gather more information."
"This solution has improved my organization because it has made us feel safer doing frequent deployments for web applications. If we have something really big, we might get some professional company in to help us but if we're releasing small products, we will check it ourselves with Zap. It makes it easier and safer."
"The product discovers more vulnerabilities compared to other tools."
"Automatic scanning is a valuable feature and very easy to use."
"It has evolved over the years and recently in the last year they have added, HUD (Heads Up Display)."
"Sometimes, vulnerabilities remain unidentified even after setting up the rules."
"Reporting engine needs to be more robust."
"It would be great if we could customize the rules to focus on critical issues."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"Some features are not performing well, like duplicate detection and switch case situations."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"Ideally, it would have a user-based license that does not have a restriction in the number of lines of code."
"SCM integration is very poor in Coverity."
"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."
"If there was an easier to understand exactly what has been checked and what has not been checked, it would make this solution better. We have to trust that it has checked all known vulnerabilities but it's a bit hard to see after the scanning."
"OWASP Zap needs to extend to mobile application testing."
"They stopped their support for a short period. They've recently started to come back again. In the early days, support was much better."
"Reporting format has no output, is cluttered and very long."
"Zap could improve by providing better reports for security and recommendations for the vulnerabilities."
"The technical support team must be proactive."
"Lacks resources where users can internally access a learning module from the tool."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while OWASP Zap is ranked 8th in Application Security Testing (AST) with 37 reviews. Coverity is rated 7.8, while OWASP Zap is rated 7.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas OWASP Zap is most compared with SonarQube, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Veracode. See our Coverity vs. OWASP Zap report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.