We performed a comparison between Coverity and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"I like Coverity's capability to scan code once we push it. We don't need more time to review our colleagues' code. Its UI is pretty straightforward."
"It is a scalable solution."
"Coverity is easy to set up and has a less lengthy process to find vulnerabilities."
"Coverity is scalable."
"The solution has improved our code quality and security very well."
"The product is easy to use."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"This product is designed for easy scalability and can easily scale up without major challenges."
"It works with many different products."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"The interface is user-friendly and easy to understand."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"The solution could use more rules."
"We'd like it to be faster."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"Ideally, it would have a user-based license that does not have a restriction in the number of lines of code."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now. Some checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"Coverity takes a lot of time to dereference null pointers."
"There should be additional IDE support."
"The reporting contains too many false positives."
"The pricing does not seem to be competitive."
"In certain cases, this product does have false positives, which the company should work on."
"The virus code updates are not frequent enough."
"The software’s pricing could be improved."
"There could be better management and faster scanning."
"There should be better visibility into the application."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while Qualys Web Application Scanning is ranked 14th in Application Security Testing (AST) with 31 reviews. Coverity is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx and Veracode, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, Fortify WebInspect and PortSwigger Burp Suite Professional.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.