Try our new research platform with insights from 80,000+ expert users

Coverity Static vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 15, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coverity Static
Ranking in Static Application Security Testing (SAST)
4th
Average Rating
7.8
Reviews Sentiment
6.5
Number of Reviews
43
Ranking in other categories
No ranking in other categories
Snyk
Ranking in Static Application Security Testing (SAST)
8th
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
48
Ranking in other categories
Application Security Tools (8th), Cloud Management (15th), Container Security (6th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (17th), DevSecOps (2nd), Application Security Posture Management (ASPM) (1st)
 

Mindshare comparison

As of September 2025, in the Static Application Security Testing (SAST) category, the mindshare of Coverity Static is 6.3%, down from 7.1% compared to the previous year. The mindshare of Snyk is 4.4%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Market Share Distribution
ProductMarket Share (%)
Coverity6.3%
Snyk4.4%
Other89.3%
Static Application Security Testing (SAST)
 

Featured Reviews

Jaile Sebes - PeerSpot reviewer
Resolving critical software issues demands faster implementation and better integration
We use Coverity primarily to find issues such as software bugs and memory leaks, especially in C++ and C# projects. It helps us identify deadlocks, synchronization issues, and product crashes Coverity has been instrumental in resolving product crashes by detecting various issues like deadlocks.…
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point. It is easy to consolidate Snyk across multiple entities within a large organization. Additionally, our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool as it is can be used for code quality improvement."
"Coverity is easy to set up and has a less lengthy process to find vulnerabilities."
"It help us identify the latest security vulnerabilities."
"Provides software security, and helps to find potential security bugs or defects."
"This solution is easy to use."
"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"The most valuable feature of Coverity is its interprocedural analysis, which is advantageous because it compares favorably with other tools in terms of security and code analysis."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."
"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"Provides clear information and is easy to follow with good feedback regarding code practices."
"Snyk allows for scaling across large organizations, accommodating tens of thousands of applications and over 60,000 repositories, making it suitable for wide-scale deployment."
 

Cons

"Its price can be improved. Price is always an issue with Synopsys."
"The price is a concern, and there are a lot of false positives coming through."
"Coverity's implementation cycle is very slow when integrating changes, especially for problems related to event handling and memory leaks."
"Coverity takes a lot of time to dereference null pointers."
"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."
"We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a pain for developers. It has been difficult to integrate Coverity with our system."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"I would like to see integration with popular IDEs, such as Eclipse."
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"The solution's reporting and storage could be improved."
"The product is very expensive."
"Snyk's API and UI features could work better in terms of speed."
"Generating reports and visibility through reports are definitely things they can do better."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
 

Pricing and Cost Advice

"The price is competitive with other solutions."
"The solution is affordable."
"Coverity’s price is on the higher side. It should be lower."
"I would rate the tool's pricing a one out of ten."
"Coverity is quite expensive."
"The pricing is on the expensive side, and we are paying for a couple of items."
"The tool was fairly priced."
"Depending on the usage types, one has to opt for different types of licenses from Coverity, especially to be able to use areas like report viewing or report generation."
"The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
"The product's price is okay."
"The pricing is reasonable."
"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
"We are using the open-source version for the scans."
"Despite Snyk's coverage, scalability, reliability, and stability, it is available at a very competitive price."
"The product has good pricing."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
867,497 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
32%
Computer Software Company
14%
Financial Services Firm
6%
Government
4%
Financial Services Firm
15%
Computer Software Company
13%
Manufacturing Company
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise6
Large Enterprise31
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise8
Large Enterprise21
 

Questions from the Community

How would you decide between Coverity and Sonarqube?
We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...
What do you like most about Coverity?
The solution has improved our code quality and security very well.
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
 

Also Known As

Synopsys Static Analysis
Fugue
 

Overview

 

Sample Customers

SAP, Mega International, Thales Alenia Space
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about Coverity Static vs. Snyk and other solutions. Updated: September 2025.
867,497 professionals have used our research since 2012.