Try our new research platform with insights from 80,000+ expert users
Coverity Logo

Coverity pros and cons

Vendor: Black Duck
3.9 out of 5
350 followers
Post review

Pros & Cons summary

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Coverity effectively identifies and improves code quality by identifying real issues with a low rate of false positives.
It includes security features like interprocedural analysis and software security checkers that enhance code safety.
Integration with Jenkins and an ability to work with issue-tracking systems like Jira enhances its utility in varied development environments.
It is noted for its stability and scalability, ensuring reliable performance and adaptability to different company sizes and projects.
Coverity aids in improved staff productivity by approximately 20 percent, demonstrating substantial efficiency gains.

CONS

Coverity's reporting engine needs to be more robust, and it could improve its usability.
The setup takes a long time, and its integration with IDEs like Eclipse is desired.
The price of Coverity is an issue and could be improved, as it is considered high.
It faces challenges in automating tasks, such as looking behind submodules in code bases.
Coverity has a higher false-positive rate with some checkers, leading to wasted time on non-issues.
 

Coverity Pros review quotes

VV
Apr 26, 2024
Coverity integrates with issue-tracking systems like Jira and provides email notifications, alerts, and other features.
reviewer1428837 - PeerSpot reviewer
Sep 30, 2020
The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at.
VV
Oct 12, 2021
One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited.
Learn what your peers think about Coverity. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
817,234 professionals have used our research since 2012.
BL
Apr 3, 2024
In my opinion, the most effective Coverity feature for identifying critical vulnerabilities is the extra checks, which offers deep analysis.
Md. Shahriar Hussain - PeerSpot reviewer
May 3, 2024
The reporting feature is up to the mark.
AP
Nov 9, 2023
The interface of Coverity is quite good, and it is also easy to use.
NS
Apr 2, 2020
Coverity is quite stable and we haven’t had any issues or any downtime.
Yantao Zhao - PeerSpot reviewer
Sep 4, 2019
The features I find most valuable is that our entire company can publish the analysis results into our central space.
reviewer2218830 - PeerSpot reviewer
Jun 23, 2023
Coverity gives advisory and deviation features, which are some of the parts I liked.
Arun Dahiphale - PeerSpot reviewer
Feb 20, 2024
The solution has improved our code quality and security very well.
 

Coverity Cons review quotes

VV
Apr 26, 2024
Coverity concerns its dashboards and reporting.
reviewer1428837 - PeerSpot reviewer
Sep 30, 2020
It should be easier to specify your own validation routines and sanitation routines.
VV
Oct 12, 2021
Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker.
Learn what your peers think about Coverity. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
817,234 professionals have used our research since 2012.
BL
Apr 3, 2024
We're currently facing a primary challenge with automation using Coverity. Each developer has a license and can perform manual checks, and we also have a nightly build that analyzes the entire software. The main issue is that the tool can't look behind submodules in our code base, so it doesn't see changes stored there.
Md. Shahriar Hussain - PeerSpot reviewer
May 3, 2024
The reporting tool integration process is sometimes slow.
AP
Nov 9, 2023
Coverity takes a lot of time to dereference null pointers.
NS
Apr 2, 2020
I would like to see integration with popular IDEs, such as Eclipse.
Yantao Zhao - PeerSpot reviewer
Sep 4, 2019
The setup takes very long.
reviewer2218830 - PeerSpot reviewer
Jun 23, 2023
SCM integration is very poor in Coverity.
Arun Dahiphale - PeerSpot reviewer
Feb 20, 2024
It would be great if we could customize the rules to focus on critical issues.