Coverity Reviews

Name: Coverity
Brand: Synopsys
Rating: 4 (36 reviews)

3.9 out of 5

36 reviews
87% willing to recommend

338 followers

What is Coverity?

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Get the Coverity Buyer's Guide and find out what your peers are saying about Coverity, SonarQube, Veracode and more!

Coverity is the #4 ranked solution in AST tools. PeerSpot users give Coverity an average rating of 7.8 out of 10. Coverity is most commonly compared to SonarQube: Coverity vs SonarQube. Coverity is popular among the large enterprise segment, accounting for 77% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a manufacturing company, accounting for 31% of all views.

Helped 793,295 peers since 2012

Featured reviews

Md. Shahriar Hussain

Cyber Security Chartered Engineer at Banglalink

The solution can be easily setup but requires heavy integration due to the multiple types of port and programming languages involved. Comparing the resource requirements of the solution I would say it can be installed effortlessly. I would rate the initial setup an eight out of ten. A professional needs some pre-acquired knowledge to manage Coverity's deployment process, but the local solution partners provide support well enough for trouble-free deployment. The overall deployment process of Coverity took around two and a half hours in our organization. The deployment duration depends upon the operating system and resources including high-end RAM and CPU processors.

Read full review

Arun Dahiphale

Technical Architect at Elastic Care Inc

The scan of the repository has been most effective in identifying critical vulnerabilities. The product provided visibility over security-related issues like hard coding and values getting exposed in a log. It helped us resolve difficult issues. With CI/CD integration, we could scan the incremental commits done by different developers. We were able to report them, and the developers were able to fix them. The product identifies the issues and has an informative dashboard that gives us strains of incremental issues and resolutions. It also keeps track of whether the reported issues were fixed and what the resolution was. Sometimes, we find duplicate issues. Those were very well managed from the dashboard. Our primary requirement was for compliance, and it was good. The reports were significant and looked very professional.

Read full review

Estefania Ramirez

Application Security Auditor at Softtek

We use the product only as a solution for defect code, to find more build liabilities in the code The product allows us to find vulnerabilities while testing our apps. The app analysis is the most valuable feature as I know other solutions don't have that. It's a good tool. The interface,…

Read full review

Coverity mindshare

As of July 2024, the mindshare of Coverity in the Static Application Security Testing (SAST) category stands at 8.2%, up from 6.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Static Application Security Testing (SAST)

Key learnings from peers

Last updated Jul 15, 2024

Valuable Features

"In my opinion, the most effective Coverity feature for identifying critical vulnerabilities is the extra checks, which offers deep analysis."
"The tool as it is can be used for code quality improvement."
"The reporting feature is up to the mark."

Room for Improvement

"We're currently facing a primary challenge with automation using Coverity. Each developer has a license and can perform manual checks, and we also have a nightly build that analyzes the entire software. The main issue is that the tool can't look behind submodules in our code base, so it doesn't see changes stored there."
"I had tried integrating the tool with Azure DevOps, but the report I got stated that my team faced many challenges."
"The reporting tool integration process is sometimes slow."

Pricing

"I would rate Coverity's pricing as a nine out of ten. It's already very expensive, and it's a problem for us to get more licenses due to the price. The pricing model has some good aspects - for example, a personal license gives access to all languages without code limitations, which is better than some competitors. However, it's still a lot of money for us to spend."
"Offers varying prices for different companies"
"The tool was fairly priced."

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Coverity Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Manufacturing Company

31%

Computer Software Company

16%

Financial Services Firm

Government

Healthcare Company

Energy/Utilities Company

University

Retailer

Educational Organization

Wholesaler/Distributor

Aerospace/Defense Firm

Transportation Company

Construction Company

Media Company

Insurance Company

Comms Service Provider

Engineering Company

Non Profit

Real Estate/Law Firm

Outsourcing Company

Legal Firm

Hospitality Company

Recreational Facilities/Services Company

Pharma/Biotech Company

Logistics Company

Performing Arts

Compare Coverity with alternative products

Learn more about Coverity

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports more than 20 languages and 200 frameworks and templates.

Coverity was previously known as Synopsys Static Analysis.