Try our new research platform with insights from 80,000+ expert users

Coverity vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 4, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coverity
Ranking in Static Application Security Testing (SAST)
4th
Average Rating
7.8
Reviews Sentiment
6.5
Number of Reviews
43
Ranking in other categories
No ranking in other categories
Snyk
Ranking in Static Application Security Testing (SAST)
8th
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
48
Ranking in other categories
Application Security Tools (8th), Cloud Management (15th), Container Security (6th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (17th), DevSecOps (2nd), Application Security Posture Management (ASPM) (1st)
 

Mindshare comparison

As of September 2025, in the Static Application Security Testing (SAST) category, the mindshare of Coverity is 6.3%, down from 7.1% compared to the previous year. The mindshare of Snyk is 4.4%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Market Share Distribution
ProductMarket Share (%)
Coverity6.3%
Snyk4.4%
Other89.3%
Static Application Security Testing (SAST)
 

Featured Reviews

Jaile Sebes - PeerSpot reviewer
Resolving critical software issues demands faster implementation and better integration
We use Coverity primarily to find issues such as software bugs and memory leaks, especially in C++ and C# projects. It helps us identify deadlocks, synchronization issues, and product crashes Coverity has been instrumental in resolving product crashes by detecting various issues like deadlocks.…
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point. It is easy to consolidate Snyk across multiple entities within a large organization. Additionally, our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The reporting feature is up to the mark."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"Coverity gives advisory and deviation features, which are some of the parts I liked."
"Considering the analysis part and the benchmarking process involving the product that my company carried out, the solution is good for finding bugs and violations"
"What I find most effective about Coverity is its low rate of false positives. I've seen other platforms with many false positives, but with Coverity, most vulnerabilities it identifies are genuine. This allows me to focus on real issues."
"It provides reports about a lot of potential defects."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"Coverity is quite stable and we haven’t had any issues or any downtime."
"The most valuable feature of Snyk is the SBOM."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"The valuable aspect is its security capabilities."
 

Cons

"Coverity takes a lot of time to dereference null pointers."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"I would like to see integration with popular IDEs, such as Eclipse."
"Coverity is not a user-friendly product."
"There should be additional IDE support."
"The quality of the code needs improvement."
"The solution's user interface and quality gate could be improved."
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"Compatibility with other products would be great."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"I use Snyk alongside Sonar, and Snyk tends to generate a lot of false positives. Improving the overall report quality and reducing false positives would be beneficial. I don't need additional features; just improving the existing ones would be enough."
"Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this."
"We had some issues integrating into our pipeline, however, they were resolved."
"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
 

Pricing and Cost Advice

"I would rate the pricing a six out of ten, where one is low, and ten is high price."
"Coverity’s price is on the higher side. It should be lower."
"The pricing is on the expensive side, and we are paying for a couple of items."
"The pricing is very reasonable compared to other platforms. It is based on a three year license."
"I would rate the tool's pricing a one out of ten."
"It is expensive."
"The price is competitive with other solutions."
"The solution's pricing is comparable to other products."
"I didn't think the price was that great, but it wasn't that bad, either. I'd rate their pricing as average in the market."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
"Compared to Veracode, Snyk is definitely a cheaper tool."
"Despite Snyk's coverage, scalability, reliability, and stability, it is available at a very competitive price."
"We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
"The price of the solution is expensive compared to other solutions."
"It's good value. That's the primary thing. It's not cheap-cheap, but it's good value."
"The product's price is okay."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
866,561 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
32%
Computer Software Company
14%
Financial Services Firm
6%
Government
4%
Financial Services Firm
15%
Computer Software Company
13%
Manufacturing Company
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise6
Large Enterprise31
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise8
Large Enterprise21
 

Questions from the Community

How would you decide between Coverity and Sonarqube?
We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...
What do you like most about Coverity?
The solution has improved our code quality and security very well.
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
 

Comparisons

 

Also Known As

Synopsys Static Analysis
Fugue
 

Overview

 

Sample Customers

SAP, Mega International, Thales Alenia Space
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about Coverity vs. Snyk and other solutions. Updated: July 2025.
866,561 professionals have used our research since 2012.