Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.
Get the Coverity Buyer's Guide and find out what your peers are saying about Coverity, SonarQube, Veracode and more!
Coverity is the #4 ranked solution in AST tools. PeerSpot users give Coverity an average rating of 7.8 out of 10. Coverity is most commonly compared to SonarQube:
Coverity vs SonarQube. Coverity is popular among the large enterprise segment,
accounting for 76% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a
manufacturing company, accounting for 27% of all views.
The scan of the repository has been most effective in identifying critical vulnerabilities. The product provided visibility over security-related issues like hard coding and values getting exposed in a log. It helped us resolve difficult issues. With CI/CD integration, we could scan the incremental commits done by different developers. We were able to report them, and the developers were able to fix them. The product identifies the issues and has an informative dashboard that gives us strains of incremental issues and resolutions. It also keeps track of whether the reported issues were fixed and what the resolution was. Sometimes, we find duplicate issues. Those were very well managed from the dashboard. Our primary requirement was for compliance, and it was good. The reports were significant and looked very professional.
We use the product only as a solution for defect code, to find more build liabilities in the code
The product allows us to find vulnerabilities while testing our apps.
The app analysis is the most valuable feature as I know other solutions don't have that. It's a good tool. The interface,…
We use Coverity to help with code security and code vulnerability
The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code.
We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a…
Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.
Coverity was previously known as Synopsys Static Analysis.