We performed a comparison between Coverity and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The product is easy to use."
"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"The interface of Coverity is quite good, and it is also easy to use."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"We were very comfortable with the initial setup."
"It is a scalable solution."
"I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"The security analysis features are the most valuable features of this solution."
"The solution boasts a broad range of features and covers much of what an ideal SCA tool should."
"I am the organizational deployment administrator for this tool, and I, along with other users in our company, especially the security team, appreciate the solution for several reasons. The UI is excellent, and scanning for security threats fits well into our workflow."
"Mend has reduced our open-source software vulnerabilities and helped us remediate issues quickly. My company's policy is to ensure that vulnerabilities are fixed before it gets to production."
"The vulnerability analysis is the best aspect of the solution."
"The most valuable feature is the inventory, where it compiles a list of all of the third-party libraries that we have on our estate."
"Our dev team uses the fix suggestions feature to quickly find the best path for remediation."
"The dashboard view and the management view are most valuable."
"We set the solution up and enabled it and we had everything running pretty quickly."
"The quality of the code needs improvement."
"The solution's user interface and quality gate could be improved."
"The tool needs to improve its reporting."
"I would like to see integration with popular IDEs, such as Eclipse."
"The product lacks sufficient customization options."
"The setup takes very long."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"WhiteSource needs improvement in the scanning of the containers and images with distinguishing the layers."
"WhiteSource Prioritize should be expanded to cover more than Java and JavaScript."
"The turnaround time for upgrading databases for this tool as well as the accuracy could be improved."
"We have been looking at how we could improve the automation to human involvement ratio from 60:40 to 70:30, or even potentially 80:20, as there is room for improvement here. We are discussing this internally and with Mend; they are very accommodating to us. We think they openly receive our feedback and do their best to implement our thoughts into the roadmap."
"I rated the solution an eight out of ten because WhiteSource hasn't built in a couple of features that we would have loved to use and they say they're on their roadmap. I'm hoping that they'll be able to build and deliver in 2022."
"If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"Make the product available in a very stable way for other web browsers."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while Mend.io is ranked 4th in Software Composition Analysis (SCA) with 29 reviews. Coverity is rated 7.8, while Mend.io is rated 8.4. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand and Checkmarx One, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Checkmarx One and GitLab.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.