Try our new research platform with insights from 80,000+ expert users

Coverity Static vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coverity Static
Ranking in Static Application Security Testing (SAST)
5th
Average Rating
7.8
Reviews Sentiment
6.5
Number of Reviews
43
Ranking in other categories
No ranking in other categories
Snyk
Ranking in Static Application Security Testing (SAST)
8th
Average Rating
8.0
Reviews Sentiment
7.3
Number of Reviews
49
Ranking in other categories
Application Security Tools (8th), Cloud Management (14th), Container Security (6th), Software Composition Analysis (SCA) (1st), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (16th), DevSecOps (2nd), Application Security Posture Management (ASPM) (2nd)
 

Mindshare comparison

As of October 2025, in the Static Application Security Testing (SAST) category, the mindshare of Coverity Static is 6.0%, down from 7.3% compared to the previous year. The mindshare of Snyk is 4.6%, down from 4.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Market Share Distribution
ProductMarket Share (%)
Coverity Static6.0%
Snyk4.6%
Other89.4%
Static Application Security Testing (SAST)
 

Featured Reviews

Jaile Sebes - PeerSpot reviewer
Resolving critical software issues demands faster implementation and better integration
We use Coverity primarily to find issues such as software bugs and memory leaks, especially in C++ and C# projects. It helps us identify deadlocks, synchronization issues, and product crashes Coverity has been instrumental in resolving product crashes by detecting various issues like deadlocks.…
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
I lead a code security practice for our organization. We integrated Snyk into our GitHub, using CLI to automatically scan codebases and identify issues. We are a large organization with three independent entities, consolidating Snyk across all entities.  We also provide access through numerous…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Provides software security, and helps to find potential security bugs or defects."
"Coverity is easy to set up and has a less lengthy process to find vulnerabilities."
"The solution effectively identifies bugs in code."
"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"Coverity provides excellent compliance and other features, which is a very good part."
"The most valuable feature is the integration with Jenkins."
"Coverity is easy to use and easy to integrate with CI."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"We're loving some of the Kubernetes integration as well. That's really quite cool. It's still in the early days of our use of it, but it looks really exciting. In the Kubernetes world, it's very good at reporting on the areas around the configuration of your platform, rather than the things that you've pulled in. There's some good advice there that allows you to prioritize whether something is important or just worrying. That's very helpful."
"Snyk allows for scaling across large organizations, accommodating tens of thousands of applications and over 60,000 repositories, making it suitable for wide-scale deployment."
 

Cons

"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"Coverity concerns its dashboards and reporting."
"Ideally, it would have a user-based license that does not have a restriction in the number of lines of code."
"Its price can be improved. Price is always an issue with Synopsys."
"The product lacks sufficient customization options."
"Sometimes, vulnerabilities remain unidentified even after setting up the rules."
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"Compatibility with other products would be great."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"Snyk's API and UI features could work better in terms of speed."
"It would be ideal if there was customization with a focus on specific cybersecurity areas or capabilities."
 

Pricing and Cost Advice

"I would rate Coverity's pricing as a nine out of ten. It's already very expensive, and it's a problem for us to get more licenses due to the price. The pricing model has some good aspects - for example, a personal license gives access to all languages without code limitations, which is better than some competitors. However, it's still a lot of money for us to spend."
"Offers varying prices for different companies"
"I rate Coverity's price a ten on a scale of one to ten, where one is cheap and ten is expensive."
"I would rate the pricing a six out of ten, where one is low, and ten is high price."
"The price is competitive with other solutions."
"Coverity is quite expensive."
"The licensing fees are based on the number of lines of code."
"Depending on the usage types, one has to opt for different types of licenses from Coverity, especially to be able to use areas like report viewing or report generation."
"For what Snyk offers, it has the best cost-benefit I have ever seen because you're buying the license per user."
"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
"Pricing-wise, it is not expensive as compared to other tools. If you have a couple of licenses, you can scan a certain number of projects. It just needs to be attached to them."
"I would rate the pricing of Snyk at two. I'm currently using the free version, which the company offers before buying the full version. So, the price is affordable, especially for an enterprise."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"The pricing is reasonable."
"Presently, my company uses an open-source version of the solution. The solution's pricing can be considered quite reasonable owing to the features they offer."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
869,513 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
32%
Computer Software Company
13%
Financial Services Firm
6%
Healthcare Company
4%
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise6
Large Enterprise31
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise9
Large Enterprise21
 

Questions from the Community

How would you decide between Coverity and Sonarqube?
We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...
What do you like most about Coverity?
The solution has improved our code quality and security very well.
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
 

Also Known As

Synopsys Static Analysis
Fugue, Snyk AppRisk
 

Overview

 

Sample Customers

SAP, Mega International, Thales Alenia Space
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about Coverity Static vs. Snyk and other solutions. Updated: September 2025.
869,513 professionals have used our research since 2012.